Commit graph

104 commits

Author SHA1 Message Date
kaustubh-rh
03f6cda85a
Prevent user from removing built-in client scopes (#27134)
Closes #26937

Signed-off-by: Kaustubh B <kbawanka@redhat.com>
2024-02-26 11:16:23 +01:00
Pedro Igor
604274fb76 Allow setting an attribute as multivalued
Closes #23539

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>

Co-authored-by: Jon Koops <jonkoops@gmail.com>
Co-authored-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
2024-02-22 12:56:44 +01:00
Douglas Palmer
b0ef746f39 Permanently lock users out after X temporary lockouts during a brute force attack
Closes #26172

Signed-off-by: Douglas Palmer <dpalmer@redhat.com>
2024-02-22 09:34:51 +01:00
Joshua Sorah
018914d7fd Change Open ID Connect to OpenID Connect in UI and docs
Closes #27093

Signed-off-by: Joshua Sorah <jsorah@redhat.com>
2024-02-19 17:01:57 +01:00
Takashi Norimatsu
849a920955 Rename Resident key to Discoverable Credential
closes #9508

Signed-off-by: Takashi Norimatsu <takashi.norimatsu.ws@hitachi.com>
2024-02-19 14:12:15 +01:00
Michal Hajas
de598577b1 Fix confusing SAML NameId mapper format tooltip
Closes #26051
Signed-off-by: Michal Hajas <mhajas@redhat.com>
Co-authored-by: Hynek Mlnařík <hmlnarik@users.noreply.github.com>
2024-02-08 11:21:11 +01:00
Tero Saarni
ac1780a54f
Added event for temporary lockout for brute force protector (#26630)
This change adds event for brute force protector when user account is
temporarily disabled.

It also lowers the priority of free-text log for failed login attempts.

Signed-off-by: Tero Saarni <tero.saarni@est.tech>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
2024-02-07 14:13:33 +00:00
agagancarczyk
4d106b41f3
Fixed token expiration help text (#26831)
Closes #26668

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>
2024-02-06 15:01:10 +00:00
mposolda
2f98c4a555 Tooltip for attribute name in user-profile configuration is incorrect
closes #26747

Signed-off-by: mposolda <mposolda@gmail.com>
2024-02-02 20:37:33 +01:00
Pedro Igor
3a7ce54266 Allow formating numbers when rendering attributes
Closes keycloak#26320

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2024-02-01 08:14:58 -03:00
agagancarczyk
93a6d56af3
Renamed messages in localization/realm overrides (#26663)
* renamed messages

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>

* fixed test

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>

---------

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>
Co-authored-by: Agnieszka Gancarczyk <agancarc@redhat.com>
2024-02-01 11:54:26 +01:00
agagancarczyk
1281cbf0c0
Added error message if user attribute save fails (#26592)
* added error message

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>

* feedback

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>

---------

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>
Co-authored-by: Agnieszka Gancarczyk <agancarc@redhat.com>
2024-01-31 12:22:13 +00:00
agagancarczyk
f173c87e34
changed messages (#26633)
Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>
Co-authored-by: Agnieszka Gancarczyk <agancarc@redhat.com>
2024-01-31 12:09:41 +00:00
Erik Jan de Wit
02d86d1d8f
removed revocation (#26459)
fixes: #17734

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
2024-01-30 10:49:39 +01:00
agagancarczyk
00fdb8e2f5
Fixed dropdown form in clients authorization policies tab (#26424)
* fixed dropdown forms in clients authorization

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>

* improved translations

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>

* improved

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>

---------

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>
Co-authored-by: Agnieszka Gancarczyk <agancarc@redhat.com>
2024-01-24 07:49:27 +01:00
agagancarczyk
662c705d66
fixed typo (#26408)
Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>
Co-authored-by: Agnieszka Gancarczyk <agancarc@redhat.com>
2024-01-23 11:22:23 +00:00
agagancarczyk
73e5c8290f
Fixed a11y violations and typos in translations for messages in the dialog message for disabling clients. (#26395)
* fixed critical violations

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>

* fixed more a11y violations

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>

* renamed translation

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>

* added area-label

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>

* added area-label

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>

* renamed spinners translation

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>

---------

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>
Co-authored-by: Agnieszka Gancarczyk <agancarc@redhat.com>
2024-01-23 09:28:50 +00:00
agagancarczyk
43053b8a82
Fixed translation for search box in clients authorization policies tab (#26387)
* resolved conflict

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>

* resolved conflict

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>

---------

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>
Co-authored-by: Agnieszka Gancarczyk <agancarc@redhat.com>
2024-01-22 16:10:37 +01:00
agagancarczyk
37e0f8f92b
Fixed resource and permission names and tooltip message (#26385)
* fixed typo

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>

* renamed key

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>

---------

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>
Co-authored-by: Agnieszka Gancarczyk <agancarc@redhat.com>
2024-01-22 15:47:18 +01:00
agagancarczyk
4a49759aa0
More a11y fixes (#26344)
* fixed a11y violations

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>

* fixed more a11y violations

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>

* a11y fixes

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>

* fixed a11y violations

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>

* fixed more a11y violations

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>

---------

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>
Co-authored-by: Agnieszka Gancarczyk <agancarc@redhat.com>
2024-01-22 08:04:27 -05:00
Erik Jan de Wit
37790c7956
Add a way to extend the UI with an Java API (#23772)
* POC to see how we could extend the UI

This is very crude and there are still open issues that need to be worked out

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* added saving option

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* added list and recreate client form

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* add tab ui

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* integrate tabs

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* remove examples

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* fixed error messages

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* added Feature for ui customization

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

---------

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
2024-01-22 08:19:58 +00:00
agagancarczyk
229cbb5429
Localization > Effective message bundles tab improvements (#26302)
* added a couple of improvements

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>

* fix theme and themeType

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>

* improved hasWords filter

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>

* added refresh btn

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>

* fixed backend

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>

* added validation

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>

* cleanup

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>

* replaced sort with localSort

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>

* improved spacing

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>

* added useMemo

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>

* removed filter on themeTypes

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>

---------

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>
Co-authored-by: Agnieszka Gancarczyk <agancarc@redhat.com>
2024-01-19 07:21:29 -05:00
Hynek Mlnarik
17d0e7d166 Move community resources to separate directory
Also removed copying of locales directory from pom.xml (relict of #24316)

Fixes: #26236

Signed-off-by: Hynek Mlnarik <hmlnarik@redhat.com>
2024-01-19 10:12:12 +01:00
MelkerVeltman
0127e0e35b
Update norwegian translation of groups (#26221)
Signed-off-by: vltmn <melker@vltmn.io>
2024-01-17 13:05:46 +00:00
agagancarczyk
33651c396c
Localization: Realm Overrides Fixes (#26169)
* resolved conflict

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>

* improvements

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>

* improved tests

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>

* feedback

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>

* test fix

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>

* test fix

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>

* resolved conflict

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>

* fixed test

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>

---------

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>
Co-authored-by: Agnieszka Gancarczyk <agancarc@redhat.com>
2024-01-16 12:24:26 +00:00
rmartinc
e162974a8d Integrate registration with terms and conditions required action
Closes #25891

Signed-off-by: rmartinc <rmartinc@redhat.com>
2024-01-15 10:19:30 +01:00
MikeTangoEcho
c2b132171d Add X509 thumbprint to JWT when using private_key_jwt
Closes keycloak#12946

Signed-off-by: MikeTangoEcho <mathieu.thine@gmail.com>
2024-01-12 16:01:01 +01:00
mposolda
692aeee17d Enable user profile by default
closes #25151

Signed-off-by: mposolda <mposolda@gmail.com>
2024-01-11 12:48:44 -03:00
agagancarczyk
01cd645668
Fixed a11y violations (#26125)
* fixed a11y violations

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>

* fixed a11y violations

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>

* fixed a11y violations

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>

* fixed a11y violations

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>

---------

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>
Co-authored-by: Agnieszka Gancarczyk <agancarc@redhat.com>
2024-01-11 15:22:21 +00:00
remi
b22efeec78 Add a toggle to use context attributes on the regex policy provider
Signed-off-by: remi <remi.tuveri@gmail.com>
2024-01-10 16:15:25 -03:00
agagancarczyk
fa23c0b4c6
Added welcome tab to admin-ui (#25992)
* resolved conflict

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>

* fixed space

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>

* reemoved logo from welcome tab

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>

* feedback

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>

* fixed mashead tests

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>

* fixed mashead tests

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>

---------

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>
Co-authored-by: Agnieszka Gancarczyk <agancarc@redhat.com>
2024-01-09 19:02:31 +00:00
Erik Jan de Wit
6ea9df2cf2
fixed message for disabling clients (#25672)
fixes: #25636

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
2024-01-09 14:40:36 +01:00
Erik Jan de Wit
2a0ca1cb84
change text based on the context (#25664)
fixes: #25302

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
2024-01-09 14:39:53 +01:00
shigeyuki kabano
67e73d3d4e Enhancing Lightweight access token M2(keycloak#25716)
Closes keycloak#23724

Signed-off-by: shigeyuki kabano <shigeyuki.kabano.sj@hitachi.com>
2024-01-09 09:42:30 +01:00
agagancarczyk
768231d950
Localization tabs (#25532)
* Add new localization tabs to Administration Console

Closes #23057

Signed-off-by: Agnieszka <agancarc@redhat.com>
Signed-off-by: Jon Koops <jonkoops@gmail.com>

* css cleanup

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>

* css cleanup

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>

---------

Signed-off-by: Agnieszka <agancarc@redhat.com>
Signed-off-by: Jon Koops <jonkoops@gmail.com>
Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>
Co-authored-by: Jon Koops <jonkoops@gmail.com>
Co-authored-by: Agnieszka Gancarczyk <agancarc@redhat.com>
2024-01-08 14:03:26 +00:00
Daniel Shuy
904e688400
Add missing Spanish translations for keycloak.v2 admin theme (#25284)
Closes #25041

Signed-off-by: Daniel Shuy <daniel_shuy@hotmail.com>
2024-01-04 12:42:08 +00:00
Ben Cresitello-Dittmar
057d8a00ac Implement Authentication Method Reference (AMR) claim from OIDC specification
This implements a method for configuring authenticator reference values for Keycloak authenticator executions and a protocol mapper for populating the AMR claim in the resulting OIDC tokens.

This implementation adds a default configuration item to each authenticator execution, allowing administrators to configure an authenticator reference value. Upon successful completion of an authenticator during an authentication flow, Keycloak tracks the execution ID in a user session note.

The protocol mapper pulls the list of completed authenticators from the user session notes and loads the associated configurations for each authenticator execution. It then captures the list of authenticator references from these configs and sets it in the AMR claim of the resulting tokens.

Closes #19190

Signed-off-by: Ben Cresitello-Dittmar <bcresitellodittmar@mitre.org>
2024-01-03 14:59:05 -03:00
agagancarczyk
175a26f22c
Fix invalid keys for 'no roles' translations (#25630)
Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>
2024-01-03 11:38:34 +01:00
Joshua Sorah
3042a897d6
Update message keys for Realm Events Setting UI help text (#25599)
Closes #24783

Signed-off-by: Joshua Sorah <jsorah@gmail.com>
2024-01-02 18:10:35 +01:00
Marek Posolda
8d887febb9
Tooltips improvements when configuring user profile attribute (#25739)
closes #25738

Signed-off-by: mposolda <mposolda@gmail.com>
2023-12-21 09:59:34 +01:00
Erik Jan de Wit
8263c538d8
don't add empty key values (#25472)
* don't add empty key values

fixes: #24678

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* fixed test

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

---------

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
2023-12-15 12:30:16 +00:00
Alexander Schwartz
9672291bf0
Cleanup translations for DE/EN for a first test run of Weblate (#25450)
Closes #25449

Signed-off-by: Alexander Schwartz <alexander.schwartz@gmx.net>
2023-12-11 10:13:35 +01:00
Erik Jan de Wit
6ba716cbed
set the searching state when we actually are (#24499)
* set the searching state when we actually are

fixes: #24430
Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* Update js/apps/admin-ui/maven-resources/theme/keycloak.v2/admin/messages/messages_en.properties

Co-authored-by: Jon Koops <jonkoops@gmail.com>
Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

---------

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
Co-authored-by: Jon Koops <jonkoops@gmail.com>
2023-12-07 12:06:23 +01:00
Pedro Igor
c7f63d5843 Add options to change behavior on how unmanaged attributes are managed
Closes #24934

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2023-11-30 06:58:21 -03:00
rmartinc
16afecd6b4 Allow automatic download of SAML certificates in the identity provider
Closes https://github.com/keycloak/keycloak/issues/24424

Signed-off-by: rmartinc <rmartinc@redhat.com>
2023-11-29 18:03:31 +01:00
Tero Saarni
ab3758842c
Add configuration option for LDAP referral (#24852)
Signed-off-by: Tero Saarni <tero.saarni@est.tech>
2023-11-28 14:06:34 +01:00
agagancarczyk
a8fcd2147c
Added Polish Translations (#24965)
* added polish translations

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>

* added polish translations

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>

---------

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>
Co-authored-by: Agnieszka Gancarczyk <agancarc@redhat.com>
2023-11-27 16:35:06 +00:00
Hynek Mlnarik
5ec394b258 Transient sessions: UX improvements
Closes: #24279

Signed-off-by: Hynek Mlnarik <hmlnarik@redhat.com>
2023-11-21 08:31:56 +01:00
Thomas Darimont
d30d692335 Introduce MaxAuthAge Password policy (#12943)
This policy allows to specify the maximum age of an authentication
with which a password may be changed without re-authentication.

Defaults to 300 seconds (default taken from Constants.KC_ACTION_MAX_AGE) to remain backwards compatible.
A value of 0 will always require reauthentication to update the password.
Add documentation for MaxAuthAgePasswordPolicy to server_admin

Fixes #12943

Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>
2023-11-20 14:48:17 +01:00
Erik Jan de Wit
941457b805 added theme name as parameter
moved messages to theme bundle

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
2023-11-17 08:35:54 +01:00
Joshua Sorah
d48934036a
Add missing localization for Event Type "User Disabled By Permament Lockout Error" (#24780)
Closes keycloak/keycloak#24778

Signed-off-by: Joshua Sorah <jsorah@redhat.com>
2023-11-16 09:41:11 +01:00
Erik Jan de Wit
89abc094d1
userprofile shared (#23600)
* move account ui user profile to shared

* use ui-shared on admin same error handling

also introduce optional renderer for added component

* move scroll form to ui-shared

* merged with main

* fix lock file

* fixed merge error

* fixed merge errors

* fixed tests

* moved user profile types to admin client

* fixed more types

* pr comments

* fixed some types
2023-11-14 08:04:55 -03:00
Erik Jan de Wit
fe7833c957
Load Admin Console localizations from resource bundles (#24316)
Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
2023-11-13 12:39:46 -05:00
Jon Koops
96aa4b3394
Add Maven build for the Admin UI (#17552) 2023-03-13 18:16:12 +00:00