Commit graph

15251 commits

Author SHA1 Message Date
Stian Thorgersen
a5670af745
Keycloak CI workflow refactoring (#15968)
* Keycloak CI workflow refactoring

Closes #15861

* Update testsuite/integration-arquillian/tests/base/testsuites/base-suite.sh

Co-authored-by: Hynek Mlnařík <hmlnarik@users.noreply.github.com>

* Update testsuite/integration-arquillian/tests/base/testsuites/suite.sh

Co-authored-by: Hynek Mlnařík <hmlnarik@users.noreply.github.com>

* Update testsuite/integration-arquillian/tests/base/testsuites/suite.sh

Co-authored-by: Hynek Mlnařík <hmlnarik@users.noreply.github.com>

* Update CodeQL actions

Co-authored-by: Hynek Mlnařík <hmlnarik@users.noreply.github.com>
2022-12-14 16:12:23 +01:00
dependabot[bot]
6f802b5c1f Bump github/codeql-action from 2.1.34 to 2.1.36
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.1.34 to 2.1.36.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/v2.1.34...v2.1.36)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-12-14 07:51:25 -03:00
Pedro Igor
d27a5d5b42
Do not execute test methods before HTTPS listener is not ready (#15984)
Closes #15904
2022-12-14 07:47:43 +01:00
Stian Thorgersen
0f2ca3bfdd
fixes from release/20 (#15982)
* Avoid path traversal vis double-url encoding of redirect URI (#8)

(cherry picked from commit a2128fb9e940d96c2f9a64edcd4fbcc768eedb4f)

* Do not resolve user session if corresponding auth session does not exist (#7)

* Stabilizing the ConcurrentLoginTest when running with JPA map storage by locking user sessions (#9)

Co-authored-by: Marek Posolda <mposolda@gmail.com>
Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>
2022-12-14 07:46:17 +01:00
Stan Silvert
5ced20e1ee
Allow any admin role on GET profile call (#15967) 2022-12-13 15:56:22 -05:00
Pedro Igor
1ed81fa377 Updating production guide about how to change network stack setting
Closes #15925
2022-12-12 09:29:14 -08:00
Pedro Igor
0c4ac62a5f Disabling strict https if hostname is diasabled
Closes #15287
2022-12-12 09:10:39 -08:00
Stian Thorgersen
30cc16e648
Move authorization tests into authz package (#15957)
Closes #15956
2022-12-12 18:09:11 +01:00
Stefan Guilhen
d6a4acceda Exclude commons-text from liquibase-core dependency
Closes #15915
2022-12-12 10:38:54 -03:00
Pedro Igor
a861d633e2 Resolving dns names used from tests from local host file
Closes #15904
2022-12-12 02:35:59 -08:00
Alexander Schwartz
e4804de9e3 Changing Quarkus transaction handling for JPA map storage to JTA
This has been recommended as the supported way of transaction handling by the Quarkus team.
Adding handling of exceptions thrown when committing JTA.
Re-adding handling of exceptions when interacting with the entity manager, plus wrapping access to queries to map exceptions during auto-flushing.

Closes #13222
2022-12-09 10:07:05 -03:00
Peter Zaoral
1073a342cf Cleanup dependencies and align with Quarkus
* aligned parent POM dependency versions with the Quarkus BOM

Closes #15325

Signed-off-by: Peter Zaoral <pzaoral@redhat.com>
2022-12-09 09:10:30 -03:00
Hynek Mlnařík
208affe000 Update generator to record the entity to fields mapping
Fixes: #15677
2022-12-08 15:40:28 +01:00
Hynek Mlnarik
901c85f6c0 Camel case field names
Fixes: #15846
2022-12-08 15:40:28 +01:00
douph1
4acd1afa3b Use org.keycloak.common.util.Base64Url to encode/decode clientID
fix #15734
    related #10227 #10231
2022-12-08 08:49:55 +01:00
zak905
993d910520 avoid NPE in LegacyAttributes when using federated storage
Closes #https://github.com/keycloak/keycloak/issues/15482
2022-12-07 14:25:08 -03:00
Stian Thorgersen
21cce0a1d3
Update bug issue form to add checkboxes for search/latest release (#15891) 2022-12-07 15:12:49 +01:00
Michal Hajas
de7dd77aeb Change id of TermsAndConditions required actions to uppercase
Closes #9991
2022-12-07 10:51:37 -03:00
Alexander Schwartz
2ed162d8c7
Update to latest version of Keycloak Actionbot (#15667)
Closes #15666
2022-12-07 13:47:10 +01:00
mposolda
f4e91a5312 The redirect URI cannot be verified during logout in the case when client was removed
closes #15866
2022-12-07 08:20:30 +01:00
mposolda
264c5a6cdb Support for KcReg and KcAdm CLI to use BCFIPS instead of BC on FIPS platforms
Closes #14968
2022-12-06 13:02:46 +01:00
Pedro Igor
022d2864a6 Make sure JAX-RS resource methods are advertizing the media type they support
Closes #15811
Closes #15810
2022-12-06 08:13:43 -03:00
Stian Thorgersen
2f0d8cd895
Move hok, par, and rar tests to oauth package (#15834)
Closes #15833
2022-12-05 15:42:20 +01:00
Pedro Igor
1673906a54 Improving quarkus testsuite execution time
Closes #13544
2022-12-05 15:06:36 +01:00
Michal Hajas
59ccae76cb
Fix flaky JS test (#15804)
Closes #15761

Co-authored-by: Stian Thorgersen <stianst@gmail.com>
2022-12-05 13:16:04 +01:00
Sebastian Schuster
3c6e2c3c1e 15234 switch to micrometer metrics 2022-12-05 08:11:35 -03:00
Rafał Gała
b7d7268744 Initialize CryptoIntegration before loading adapter config
Initialize CryptoIntegration before building KeycloakDeploymentBuilder, same way as in public static KeycloakDeployment build(InputStream is) method

Closes #15767
2022-12-02 12:46:16 +01:00
Václav Muzikář
7a0ad6ff21 Handle null in HttpRequestImpl 2022-12-02 12:17:10 +01:00
Stefan Guilhen
3a9e051301 Add debug log messages to KeycloakModelUtils.runJobInRetriableTransaction
Closes #15749
2022-12-01 15:19:37 -03:00
Stian Thorgersen
24ace9a0f7
Disable cancelling concurrent jobs in Keycloak CI (#15784)
Co-authored-by: Jon Koops <jonkoops@gmail.com>
2022-12-01 14:46:30 +01:00
Pedro Igor
168734b817 Removing references to request and response from Resteasy
Closes #15374
2022-12-01 08:38:24 -03:00
Stian Thorgersen
8e6437e596
Fix Flaky test: RequiredActionTotpSetupTest.setupTotpExistingReusableCodeDisabled (#15779)
Closes #15564
2022-12-01 10:41:46 +01:00
Hynek Mlnařík
60ce949304 Ignore unknown clients in LDAP role mapper
Fixes: #10958
2022-12-01 09:51:05 +01:00
Pedro Igor
26901dce19 Downgrade to Quarkus 2.13.5.Final
Closes #15764
2022-11-30 20:21:06 -03:00
dependabot[bot]
e923f4f943 Bump minimatch and cordova-ios in /examples/cordova-native
Bumps [minimatch](https://github.com/isaacs/minimatch) to 3.1.2 and updates ancestor dependency [cordova-ios](https://github.com/apache/cordova-ios). These dependencies need to be updated together.


Updates `minimatch` from 3.0.4 to 3.1.2
- [Release notes](https://github.com/isaacs/minimatch/releases)
- [Changelog](https://github.com/isaacs/minimatch/blob/main/changelog.md)
- [Commits](https://github.com/isaacs/minimatch/compare/v3.0.4...v3.1.2)

Updates `cordova-ios` from 4.5.5 to 6.2.0
- [Release notes](https://github.com/apache/cordova-ios/releases)
- [Changelog](https://github.com/apache/cordova-ios/blob/master/RELEASENOTES.md)
- [Commits](https://github.com/apache/cordova-ios/compare/4.5.5...6.2.0)

---
updated-dependencies:
- dependency-name: minimatch
  dependency-type: indirect
- dependency-name: cordova-ios
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-11-30 13:45:18 -03:00
Stian Thorgersen
c24bc1bab0
Tweak time offset in RefreshTokenTest (#15760)
Closes #15718
2022-11-30 16:11:46 +01:00
dependabot[bot]
4f8de9639a Bump minimatch from 3.0.4 to 3.1.2 in /examples/cordova-native
Bumps [minimatch](https://github.com/isaacs/minimatch) from 3.0.4 to 3.1.2.
- [Release notes](https://github.com/isaacs/minimatch/releases)
- [Commits](https://github.com/isaacs/minimatch/compare/v3.0.4...v3.1.2)

---
updated-dependencies:
- dependency-name: minimatch
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-11-29 11:01:18 -03:00
Stian Thorgersen
c3c858c88a
Fix OpenshiftClientStorageTest.testCodeGrantFlowWithServiceAccountUsingOAuthRedirectReference (#15741)
Closes #15565
2022-11-29 14:20:21 +01:00
Stefan Guilhen
55b2162421 Create map-file module with empty implementations
Closes #15706
2022-11-29 12:58:55 +01:00
dependabot[bot]
0ade39c129 Bump keycloak/keycloak-gh-actionbot from 0.3.0 to 0.3.1
Bumps [keycloak/keycloak-gh-actionbot](https://github.com/keycloak/keycloak-gh-actionbot) from 0.3.0 to 0.3.1.
- [Release notes](https://github.com/keycloak/keycloak-gh-actionbot/releases)
- [Commits](33d8759517...a3d3f240f2)

---
updated-dependencies:
- dependency-name: keycloak/keycloak-gh-actionbot
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-11-28 16:54:27 -03:00
dependabot[bot]
a383865150 Bump github/codeql-action from 2.1.33 to 2.1.34
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.1.33 to 2.1.34.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/v2.1.33...v2.1.34)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-11-28 16:17:53 -03:00
dependabot[bot]
82f08b709c Bump sshd-core in /testsuite/integration-arquillian/util
Bumps [sshd-core](https://github.com/apache/mina-sshd) from 2.3.0 to 2.7.0.
- [Release notes](https://github.com/apache/mina-sshd/releases)
- [Changelog](https://github.com/apache/mina-sshd/blob/master/CHANGES.md)
- [Commits](https://github.com/apache/mina-sshd/compare/sshd-2.3.0...sshd-2.7.0)

---
updated-dependencies:
- dependency-name: org.apache.sshd:sshd-core
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-11-28 12:04:15 -03:00
dependabot[bot]
3a35b05253 Bump ant in /testsuite/integration-arquillian/tests
Bumps ant from 1.9.15 to 1.10.11.

---
updated-dependencies:
- dependency-name: org.apache.ant:ant
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-11-28 12:03:47 -03:00
dependabot[bot]
17be19d4d3 Bump commons-io in /testsuite/integration-arquillian/util
Bumps commons-io from 2.6 to 2.7.

---
updated-dependencies:
- dependency-name: commons-io:commons-io
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-11-28 12:03:20 -03:00
Miquel Simon
88bc5e2307 Use different Postgres image in Testcontainers. Upgraded Testcontainers dependency to 1.17.5. 2022-11-28 10:57:14 +01:00
Pedro Igor
17bf092da6 Keycloak wrongly assumes that the default datasource is the first one
Closes #15608
2022-11-25 16:32:47 +01:00
dependabot[bot]
20592dda29 Bump minimatch from 3.0.4 to 3.1.2 in /examples/cordova-native
Bumps [minimatch](https://github.com/isaacs/minimatch) from 3.0.4 to 3.1.2.
- [Release notes](https://github.com/isaacs/minimatch/releases)
- [Commits](https://github.com/isaacs/minimatch/compare/v3.0.4...v3.1.2)

---
updated-dependencies:
- dependency-name: minimatch
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-11-25 10:59:59 -03:00
dependabot[bot]
da91f8563a Bump minimatch from 3.0.4 to 3.1.2 in /adapters/oidc/js
Bumps [minimatch](https://github.com/isaacs/minimatch) from 3.0.4 to 3.1.2.
- [Release notes](https://github.com/isaacs/minimatch/releases)
- [Commits](https://github.com/isaacs/minimatch/compare/v3.0.4...v3.1.2)

---
updated-dependencies:
- dependency-name: minimatch
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-11-25 10:58:30 -03:00
mposolda
3e9c729f9e X.509 authentication fixes for FIPS
Closes #14967
2022-11-25 11:50:30 +01:00
Stefan Guilhen
5c2a5fac31 Enable all test methods in ConcurrentLoginTest for JPA Map Storage
- Tests still disabled for Hotrod and CHM
- Fixes concurrent login issues with CRDB. Verified with both PostgreSQL and CockroachDB.

Closes #12707
Closes #13210
2022-11-24 13:36:22 +01:00