libre.sh/keycloak-scim
2
0
Fork 0
Code Issues 14 Pull requests Releases Packages Activity Actions 6
24999 commits 4 branches 5 tags 480 MiB
Commit graph

6679 commits

Author SHA1 Message Date
Stefan Guilhen
1aab371912 Fix errors when importing realms with the organization feature enabled 
Closes #29630

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
 2024-05-17 07:25:31 -03:00
Ricardo Martin
74a80997c7
Fix CRL verification failing due to client cert not being in chain (#29582) 
closes #19853

Signed-off-by: Micah Algard <micahalgard@gmail.com>
Signed-off-by: rmartinc <rmartinc@redhat.com>


Co-authored-by: Micah Algard <micahalgard@gmail.com>
Co-authored-by: rmartinc <rmartinc@redhat.com>
 2024-05-17 11:28:07 +02:00
Dimitri Papadopoulos Orfanos
64a145e960
Fix user-facing typos in error messages (#29326) 
Update resource file and tests accordingly

Signed-off-by: Dimitri Papadopoulos <3234522+DimitriPapadopoulos@users.noreply.github.com>
 2024-05-16 09:55:41 +02:00
Takashi Norimatsu
b4e7d9b1aa
Passkeys: Supporting WebAuthn Conditional UI (#24305) 
closes #24264

Signed-off-by: Takashi Norimatsu <takashi.norimatsu.ws@hitachi.com>
Signed-off-by: mposolda <mposolda@gmail.com>


Co-authored-by: mposolda <mposolda@gmail.com>
 2024-05-16 07:58:43 +02:00
rmartinc
89d7108558 Restrict access to whoami endpoint for the admin console and users with realm access 
Closes #25219

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2024-05-15 19:06:57 +02:00
Stefan Guilhen
c4760b8188 Ensure that IDP's linked domains are remove when org is deleted or when the domain is removed from the org. 
Closes #29481

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
 2024-05-14 15:39:18 -03:00
Martin Kanis
3985157f9f Make sure operations on a organization are based on realm they belong to 
Closes #28841

Signed-off-by: Martin Kanis <mkanis@redhat.com>
 2024-05-14 10:47:39 -03:00
Pedro Igor
b4d231fd40 Fixing realm removal when removing groups and brokers associated with an organization 
Closes #29495

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2024-05-14 14:29:27 +02:00
Pedro Igor
b5a854b68e
Minor improvements to invitation email templates (#29498) 
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2024-05-14 13:19:02 +02:00
Pedro Igor
1b583a1bab Email validation for managed members should only fail if it does not match the domain set to a broker 
Closes #29460

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2024-05-14 10:46:22 +02:00
mposolda
d8a7773947 Adding dummyHash to DirectGrant request in case user does not exists. Fix dummyHash for normal login requests 
closes #12298

Signed-off-by: mposolda <mposolda@gmail.com>
 2024-05-13 16:33:29 +02:00
kaustubh-rh
8a82b6b587
Added a check in ClientInitialAccessResource (#29353) 
closes #29311

Signed-off-by: Kaustubh Bawankar <kbawanka@redhat.com>
 2024-05-13 13:00:36 +02:00
rmartinc
2cc051346d Allow empty CSP header in headers provider 
Closes #29458

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2024-05-13 10:51:31 +02:00
Alexander Schwartz
6cc8d653f3 Make SessionWrapper related fields immutable that are part of the equals method 
The cache replace logic depends on it, as values returned by reference from a local cache must never be modified on those critical fields directly.

Closes #28906

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2024-05-13 09:59:50 +02:00
Giuseppe Graziano
d735668fcd Fix test failures after @DisableFeature 
Closes #29253

Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>
 2024-05-13 08:20:54 +02:00
Pedro Igor
b50d481b10 Make sure organization groups can not be managed but when managing an organization 
Closes #29431

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2024-05-10 21:28:11 -03:00
Stefan Guilhen
f0620353a4 Ensure master realm can't be removed 
Closes #28896

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
 2024-05-10 16:56:18 -03:00
Stefan Guilhen
ceed7bc120 Add ability to search organizations by attribute 
Closes #29411

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
 2024-05-10 16:45:41 -03:00
Pedro Igor
77b58275ca Improvements to the organization authentication flow 
Closes #29416
Closes #29417
Closes #29418

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2024-05-09 16:07:52 -03:00
Pedro Igor
a65508ca13 Simplifying the CORS SPI and the default implementation 
Closes #27646

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2024-05-08 12:27:55 -03:00
Pedro Ruivo
cbce548e71 Infinispan 15.0.3.Final 
Closes #29068

Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
 2024-05-08 17:18:39 +02:00
Stefan Guilhen
dde2746595 Improve tests to ensure managed users disabled upon disabling the org can't be updated 
Closes #28891

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
 2024-05-07 18:11:52 -03:00
Pedro Igor
927ba48f7a Adding tests to cover using SAML brokers in an organization 
Closes #28732

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2024-05-07 20:44:38 +02:00
Douglas Palmer
8d628d740e Can we remove undertow OIDC adapter? 
Closes #28788

Signed-off-by: Douglas Palmer <dpalmer@redhat.com>
 2024-05-07 19:47:46 +02:00
Thore
4b194d00be iso-date validator for the user-profile 
Adds a new validator in order to be able to validate user-model fields which should be modified/supplied by a datepicker.

Closes #11757

Signed-off-by: Thore <thore@kruess.xyz>
 2024-05-07 11:42:39 -03:00
Martin Kanis
d4b7e1a7d9 Prevent to manage groups associated with organizations from different APIs 
Closes #28734

Signed-off-by: Martin Kanis <mkanis@redhat.com>
 2024-05-07 11:16:40 -03:00
Pedro Igor
f8bc74d64f Adding SAML protocol mapper to map organization membership 
Closes #28732

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2024-05-07 15:52:35 +02:00
Stefan Guilhen
aa945d5636 Add description field to OrganizationEntity 
Closes #29356

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
 2024-05-07 10:35:51 -03:00
Pedro Igor
c0325c9fdb Do not manage brokers through the Organization API 
Closes #29268

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2024-05-07 09:15:25 -03:00
Dinesh Solanki
2172741eb6
Refactor element identifiers from ID to class (#28690) 
Closes #24462

Signed-off-by: Dinesh Solanki <15937452+DineshSolanki@users.noreply.github.com>
 2024-05-07 13:56:21 +02:00
Alice W
d1549a021e Update invitation changes based on review and revert deleted test from OrganizationMembertest 
Signed-off-by: Alice W <105500542+alice-wondered@users.noreply.github.com>
 2024-05-06 17:57:13 -03:00
Pedro Igor
40a283b9e8 Token expiration tests and updates to registration required action 
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2024-05-06 17:57:13 -03:00
Pedro Igor
158162fb4f Review tests and having invitation related operations in a separate class 
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2024-05-06 17:57:13 -03:00
Pedro Igor
287f3a44ce registration link tests 
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2024-05-06 17:57:13 -03:00
Alice W
ce2e83c7f9 Update test and link formation on invite of new user 
Signed-off-by: Alice W <105500542+alice-wondered@users.noreply.github.com>
 2024-05-06 17:57:13 -03:00
Alice W
18356761db Add test for user invite registration and fix minor bug with registration link generation and email templating 
Signed-off-by: Alice W <105500542+alice-wondered@users.noreply.github.com>
 2024-05-06 17:57:13 -03:00
Pedro Igor
e0bdb42d41 adding test and minor updates to cover inviting existing users 
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2024-05-06 17:57:13 -03:00
Stefan Guilhen
dae1eada3d Add enabled field to OrganizationEntity 
Closes #28891

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
 2024-05-06 14:46:56 -03:00
Alexander Schwartz
a9532274e3
Generate translations for locales via built-in Java functionality (#29125) 
Closes #29124

Signed-off-by: Jon Koops <jonkoops@gmail.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Jon Koops <jonkoops@gmail.com>
 2024-05-06 09:30:14 +02:00
Giuseppe Graziano
c6d3e56cda Handle reset password flow with logged in user 
Closes #8887

Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>
 2024-05-06 09:10:47 +02:00
Douglas Palmer
00bd6224fa Remove remaining Fuse adapter bits 
Closes #28787

Signed-off-by: Douglas Palmer <dpalmer@redhat.com>
 2024-05-06 09:02:26 +02:00
Michal Hajas
128bba34d3 Remove PERSISTENT_USER_SESSIONS_No_CACHE feature 
Closes #29264

Signed-off-by: Michal Hajas <mhajas@redhat.com>
 2024-05-06 08:53:39 +02:00
Michal Hajas
8b715d3a31 Do not use LastSessionRefreshPersister with persistent user sessions enabled 
Closes #29144

Signed-off-by: Michal Hajas <mhajas@redhat.com>
 2024-05-06 08:49:48 +02:00
Thomas Darimont
ba43a10a6d
Improve details for user error events in OIDC protocol endpoints 
Closes #29166

Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>
 2024-05-06 08:32:31 +02:00
Pedro Igor
32d25f43d0 Support for mutiple identity providers 
Closes #28840

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2024-05-04 16:19:27 +02:00
Douglas Palmer
051c0197db Remove old-WildFly, EAP 7.4 and 6.4 SAML adapters 
Closes #28785

Signed-off-by: Douglas Palmer <dpalmer@redhat.com>
 2024-05-03 15:39:05 +02:00
Justin Tay
7bd48e9f9f Set logout token type to logout+jwt 
Closes #28939

Signed-off-by: Justin Tay <49700559+justin-tay@users.noreply.github.com>
 2024-05-03 14:51:10 +02:00
Giuseppe Graziano
8c3f7cc6e9 Ignore include in token scope for refresh token 
Closes #12326

Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>
 2024-05-03 09:05:03 +02:00
Douglas Palmer
e0176a7e31 Remove Wildfly and EAP OIDC adapters 
Closes #23381

Signed-off-by: Douglas Palmer <dpalmer@redhat.com>
 2024-05-02 20:16:55 +02:00
Steven Hawkins
3b1ca46be2
fix: updating docs around -q parameter (#29151) 
closes: #27877

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
 2024-05-02 16:48:43 +02:00