- UserStorageManager now handles authentication for old Kerberos+LDAP style
- new getUserByCredential method in MapUserProvider would eventually do the same.
- Introduction of new AdminRealmResource SPI
- Moving handler of /realm/{realm}/user-storage into model/legacy-service
- session.users() and userStorageManager() moved refers legacy module
IMPORTANT: Broken as UserStorageSyncManager is not yet moved
- Introduces Datastore SPI for isolating data store methods
- Introduces implementation of the datastore for legacy storage
- Updates DefaultKeycloakSession to leverage Datastore SPI instead
of direct creating of area providers by the session
AuthorizationEndpointRequest class already checks duplicated parameters but DeviceEndpoint class has not checked its error. Thus a check process is added in handleDeviceRequest()
Closes#11294
* Allow exposing some initial provider config options via web site
Co-authored-by: Stian Thorgersen <stian@redhat.com>
Closes#10571
* Include type to provider options, and hide build-icon column as it's not relevant
Co-authored-by: stianst <stianst@gmail.com>
adding nvmrc
CIAM-1048 Device Activity screen PF updates
CIAM-1046: Personal Info sub-header update
Updates SigningInPage to use EmptyState component when there are no credentials.
rearanged some components used in signing in page
Displays ApplicationPage content in description list.
Updates refresh link on ContentPage, updates Resources screen.
CIAM-1049 Linked Accounts screen PF updates
CIAM-1043-General upstream updates
Updates AccountPage to display form errors.
fix: display Set up Authenticator Application link on large viewport
fix(page structure): rearranges page sections
CIAM-1254/Personal info PF4 updates & Sidebar text updates
updating layouts
updating layout on Signing in and Linked acounts
adding patternfly-additions
adding patternfly-addons styles
Updates Application page based on designs feedback.
moving page description
Updates status label on Applications page to be capitalized.
Updates the copy-fonts script for keycloak.v2 to copy all font directories instead of one.
update Personal info screen - set max width of 600px for form input fields
update Personal info - remove required indicator from input fields
General updates (#2)
* removed the extra lines being shown
* tweaked general spacing
* general alignment and spacer application
* refactor to get proper alignments without css globals
* forgot to add the conditional on displaying the set up buttons
* try and adjust the alignments
Co-authored-by: zwitter <zwitter@redhat.com>
resolve merge conflicts
Device activity updates (#4)
* update text to sentence case
* update device info columns to be dynamic across various viewport sizes
* update signed in device layout
* update based on feedback
Co-authored-by: Jon Szeto <jszeto@redhat.com>
Linked accounts update (#3)
* linked accounts screen - updated icons & Linked/Unlinked Login Providers layout & update text to sentence case
Co-authored-by: Jon Szeto <jszeto@redhat.com>
fixing ts errors
cleaning up fonts and messages
final review updates
message update for Back to admin console link
fixing capitalization on 2fa
updating landing page welcome message
fix: reposition Back to... link
adjusting size for confirm modal
updating spacing and alignment issues
updating resources page
removing unused header class
fixes ts issues and updates node version to match the themes install
npm updates
fixing pf addons
adding chokidar to get babel:watch working
fixing issues from pull request feedback
fixing tests
fixes signingin page test
fixing tests
Co-authored-by: Tyler Andor <tandor@highereducation.com>
Closes: #10447
* Prepare logical layer to distinguish between ResourceServer id and client.id
* Reorder Authz methods: For entities outside of Authz we use RealmModel as first parameter for each method, to be consistent with this we move ResourceServer to the first place for each method in authz
* Prepare Logical (Models/Adapters) layer for returning other models instead of ids
* Replace resourceServerId with resourceServer model in PermissionTicketStore
* Replace resourceServerId with resourceServer model in PolicyStore
* Replace resourceServerId with resourceServer model in ScopeStore
* Replace resourceServerId with resourceServer model in ResourceStore
* Fix PermissionTicketStore bug
* Fix NPEs in caching layer
* Replace primitive int with Integer for pagination parameters
Add a test to make sure ProtocolMappers run with Dynamic Scopes
Change the way we create the DefaultClientSessionContext with respect to OAuth2 scopes, and standardize the way we obtain them from the parameter
For wildfly, everything is as before. For Quarkus, we check if http is enabled and provide the right port and scheme if so, and also we are relative-path aware.
Closes#10335
* Show error in case of an unkown essential acr claim. Make sure correct acr is set after authentication flow during step-up authentication
Closes#8724
Co-authored-by: Cornelia Lahnsteiner <cornelia.lahnsteiner@prime-sign.com>
Co-authored-by: Martin Bartoš <mabartos@redhat.com>
caused by doubled slashes when getting the path for resources while running IDELauncher. So now we sanitize them. Tests by building and running wf and quarkus distribution, running from idelauncher and running using quarkus:dev, assets got always loaded.
closes#9942
Use of containsAll() does not permit to compare if 2 lists are equals
(ignoring order)
Previous implementation of CollectionUtil.collectionEquals(...) was not taking care of specific cases where you can have [ A, A, B ] and [ A, B, B ] and complexity was O(n²)
Using Map, complexity is now O(n)
Closes#9920