Marek Posolda
d27635fb1b
Fixing for token revocation checks only ( #9707 )
...
Closes #9705
2022-02-02 15:21:44 +01:00
Dominik Guhr
b24c7ecaae
Outgoing requests guide v1 ( #9866 )
...
* Outgoing requests guide v1
Closes #9773
* Apply suggestions from code review
Co-authored-by: Stian Thorgersen <stian@redhat.com>
Co-authored-by: Stian Thorgersen <stian@redhat.com>
2022-02-02 13:58:25 +01:00
Pedro Igor
3967c81453
Review Configuring a Database guide ( #9559 )
...
Closes #9457
Co-authored-by: Stian Thorgersen <stian@redhat.com>
Co-authored-by: Stian Thorgersen <stian@redhat.com>
2022-02-02 13:30:53 +01:00
Martin Bartoš
191ef1874e
Complete support for Passwordless tests
...
Closes #9850
2022-02-02 09:12:46 +01:00
Daniel Gozalo
3528e7ba54
[ fixes #9224 ] - Get consented scopes from AuthorizationContext
...
Always show the consent screen when a dynamic scope is requested and show the requested parameter
Improve the code that handles dynamic scopes consent and add some log traces
Add a test to check how we show dynamic scope in the consent screen and added missing template file change
Fix merge problem in comment and improve other comments
Fix the Dynamic Scope test by assigning it to the client as optional instead of default
Change how dynamic scopes are represented in the consent screen and adapt test
2022-02-02 09:10:20 +01:00
andymunro
0301630480
9904 Editing the enable TLS guide ( #9909 )
2022-02-02 08:48:04 +01:00
andymunro
bd0fda8643
9921 fixing a typo. thanks, Dominik ( #9924 )
2022-02-02 08:46:14 +01:00
andymunro
4dd27e43d1
9847 Addressing comments from Dominik ( #9883 )
2022-02-02 08:43:35 +01:00
Alexander Schwartz
9d46b45a9c
Ensure that parent's version ID is incremented when an attribute changes.
...
This is necessary to allow the optimistic locking functionality to work as expected when changing only attributes on an entity.
Closes #9874
2022-02-01 20:33:10 +01:00
vramik
13e02d5f09
JPA map storage: Client scope no-downtime store
...
Closes #9663
2022-02-01 20:26:00 +01:00
Pedro Igor
fe0cb36284
Do not run re-augmentation if config is the same in dev mode
...
Closes #9906
2022-02-01 13:32:16 -03:00
Dominik Guhr
829e2a9a3e
Change test order ( #9911 )
...
Closes #9910
2022-02-01 14:08:44 +01:00
Stian Thorgersen
078984ace6
Add support for pinning guides to the top ( #9913 )
...
Closes #9912
2022-02-01 13:39:17 +01:00
Martin Bartoš
243b6ba552
Test scenarios for verifying of JS injection for WebAuthn Policy
...
Closes #9544
2022-02-01 11:16:12 +01:00
Martin Bartoš
47208b7a20
Extend and fix tests for Resident Keys for WebAuthn
...
Closes #9796
2022-02-01 11:11:04 +01:00
Stian Thorgersen
cc88fb2daa
Update default distribution to Quarkus ( #9839 )
...
Closes #9837
2022-02-01 09:42:09 +01:00
Andreas Rühl
99213ab042
hardcoded string replaced with localization ( #9543 )
...
Co-authored-by: Andreas Ruehl <ar@asuar.de>
2022-01-31 15:15:32 -05:00
Martin Bartoš
c40e842b45
Verify the WebAuthn functionality and settings for authentication ( #9851 )
...
* Verify the WebAuthn functionality and settings for authentication
Closes #9504
2022-01-31 15:42:08 +01:00
Dominik Guhr
5a1f4b8889
Quarkus update to 2.7.0.Final
...
Minor and micro dependency updates, some relocations (e.g. vault, ZipUtils), so some changes were needed to make this work.
Closes #9872
2022-01-31 09:55:02 -03:00
Michal Hajas
c648e121ed
Convert authz entities into interfaces
...
Closes #9740
2022-01-31 13:51:56 +01:00
Daniel Gozalo
dc814b85c7
Pass the UserId to the function that runs the inner function in the server as it was losing its value when defined globally for Wildfly and Quarkus
2022-01-31 13:02:22 +01:00
Alexander Schwartz
df7ddbf9b3
Added ModelIllegalStateException to handle lazy loading exception.
...
Closes #9645
2022-01-31 10:10:41 +01:00
Alexander Schwartz
64cbbde7cf
Adding workaround unstable tests due to Infinispan 12.1.7
...
Closes #9867
2022-01-30 20:58:51 +01:00
Andreas Ruehl
f11b049e52
Missing translation of webauthn-doAuthenticate added
...
closes #9424
2022-01-28 17:48:10 +01:00
Alexander Schwartz
2b81e62b6b
Adding workaround for deadlock in tests for Infinispan 12.1.7
...
Closes #9648
2022-01-28 15:29:50 +01:00
Stian Thorgersen
d1d656162d
Enable keycloak.v2 admin theme by default when admin2 feature is enabled ( #9859 )
...
Closes #9858
2022-01-28 13:24:50 +01:00
Dominik Guhr
f70a22f583
Run from Container guide V1 ( #9646 )
...
Closes #9465
Co-authored-by: Stian Thorgersen <stian@redhat.com>
Co-authored-by: Stian Thorgersen <stian@redhat.com>
2022-01-27 14:57:18 +01:00
Stian Thorgersen
cceeb9a5d7
Sort options in guides by key ( #9813 )
...
Closes #9812
2022-01-27 12:25:28 +01:00
Dominik Guhr
6395e89cfc
Vault Guide v1 ( #9772 )
...
* Vault Guide v1
Containing only Kubernetes / OpenShift secrets via file based vault for now
Closes #9462
* Apply suggestions from code review
Co-authored-by: Andrea Peruffo <andrea.peruffo1982@gmail.com>
Co-authored-by: Andrea Peruffo <andrea.peruffo1982@gmail.com>
2022-01-27 11:18:50 +01:00
Dominik Guhr
47ad9a29eb
Hostname Guide V1 ( #9762 )
...
Closes #9460
2022-01-27 11:17:22 +01:00
Pedro Igor
d140abb8fa
Mapped Quarkus properties should not be persisted ( #9808 )
...
Closes #9807
2022-01-27 11:12:31 +01:00
Pedro Igor
7c162b42a6
Improve enabling/disabling features in Quarkus distribution ( #9801 )
...
Closes #9706
2022-01-27 11:11:46 +01:00
Martin Bartoš
2919342f3a
Add test scenarios for Passwordless Webauthn AIA
...
Closes #9795
2022-01-27 11:02:43 +01:00
Andrea Peruffo
24d6f75d11
CRD generation from RealmRepresentation ( #9759 )
...
Enabling CRD generation from RealmRepresentation
Closes #9759
2022-01-27 10:56:46 +01:00
Dominik Guhr
0f082dde5b
fix relevant options for existing guides ( #9805 )
...
closes #9804
2022-01-27 10:03:11 +01:00
Takashi Norimatsu
ef134390c2
Client Policies : Condition's negative logic configuration is not shown in Admin Console's form view
...
Closes #9447
2022-01-27 09:55:22 +01:00
bal1imb
9621d513b5
KEYCLOAK-18727 Improve user search query
2022-01-26 17:03:05 +01:00
Dominik Guhr
80072b30cd
Features guide
...
Co-authored-by: stianst <stianst@gmail.com>
Closes #9461
2022-01-26 12:50:41 -03:00
Alexander Schwartz
9e257d4a01
Added warning when storage contains multi-valued attributes and Keycloak model doesn't support them.
...
Closes #9714
2022-01-26 15:40:00 +01:00
Pedro Igor
781ceb24fd
Add a quarkus.properties for unsupported configuration options
...
Closes #9682
2022-01-26 11:26:50 -03:00
Michal Hajas
de161d02b9
Store updated flag in the entity, not in the delegate
...
Closes #9774
2022-01-26 15:24:42 +01:00
Daniel Gozalo
4136bf7700
[ fixes #9750 ] Make sure a Dynamic scope isn't assignable to a client as a default scope, and only show non-dynamic scopes in the available client scopes client menu
2022-01-26 13:32:04 +01:00
Daniel Gozalo
dad51773ea
[ fixes #9223 ] - Create an internal representation of RAR that also handles Static and Dynamic Client Scopes
...
Parse scopes to RAR representation and validate them against the requested scopes in the AuthorizationEndpointChecker
Parse scopes as RAR representation and add the created context on the different cache models in order to store the state and make it available for mappers in the ClientSessionContext
Create a new AuthorizationRequestSpi to provide different implementations for either dynamic scopes or RAR requests parsing
Move the AuthorizationRequest objects to server-spi
Add the AuthorizationRequestContext property to the MapAuthenticationSessionEntity and configure MapAuthenticationSessionAdapter to access it
Remove the AuthorizationRequestContext object from the cache adapters and entities and instead recalculate the RAR representations from scopes every time
Refactor the way we parse dynamic scopes and put everything behind the DYNAMIC_SCOPES feature flag
Added a login test and added a function to get the requested client scopes, including the dynamic one, behind a feature flag
Add a new filter to the Access Token dynamic scopes to avoid adding scopes that are not permitted for a user
Add tests around Dynamic Scopes: replaying existing tests while enabling the DYNAMIC_SCOPES feature and adding a few more
Test how the server genereates the AuthorizationDetails object
Fix formatting, move classes to better packages and fix parent test class by making it Abstract
Match Dynamic scopes to Optional scopes only and fix tests
Avoid running these tests on remote auth servers
2022-01-26 13:19:23 +01:00
Dominik Guhr
af9d840ec1
Add section about recommended path exposures in reverse proxy ( #9752 )
...
Closes #9751
2022-01-26 09:02:25 +01:00
Václav Muzikář
6b485b8603
Baseline for Keycloak deployment in operator
2022-01-25 11:06:26 -03:00
Pedro Igor
d28b54e5d5
Hide Hasicorp Vault from CLI ( #9700 )
...
Closes #9688
2022-01-25 14:24:35 +01:00
Stian Thorgersen
194c95de58
Upgrade to WildFly 26.0.1 ( #9768 )
...
Closes #9767
2022-01-25 09:37:28 +01:00
andreaTP
90d6432d16
Proper kustomize setup for the operator
2022-01-24 13:13:16 -03:00
Alexander Schwartz
e2ac7b38f4
Adding missing database constraints for clients in JPA map storage.
...
This should ensure consistency for the store even in the event of concurrent creation of clients by multiple callers.
Closes #9610
2022-01-23 20:34:28 +01:00
Pedro Igor
b53c5d5eee
Build command should not allow runtime options
...
Closes #9618
2022-01-23 16:30:48 -03:00