keycloak-scim

Author	SHA1	Message	Date
Marek Posolda	3784fd1f67	Attempt to run snapshot Keycloak server against production DB should fail during migration closes #30364 Signed-off-by: mposolda <mposolda@gmail.com> Signed-off-by: Alexander Schwartz <aschwart@redhat.com> Co-authored-by: Alexander Schwartz <aschwart@redhat.com>	2024-10-28 15:02:26 +00:00
Gilvan Filho	c4005d29f0	add linear strategy to brute force closes #25917 Signed-off-by: Gilvan Filho <gilvan.sfilho@gmail.com>	2024-10-22 10:33:22 -03:00
vramik	c1653448f3	[Organizations] Allow orgs to define the redirect URL after user registers or accepts invitation link Closes #33201 Signed-off-by: vramik <vramik@redhat.com>	2024-10-02 07:37:48 -03:00
Pedro Igor	ef48a3a360	Avoid running org related code if there are no orgs in a realm Closes #33424 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-10-02 09:39:25 +02:00
Pedro Igor	4bd29e257b	Fixing tests Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-09-30 18:35:45 -03:00
Kyale	a35edeb488	Resolved errors during component import referencing groups Whenever a component being imported contained a reference to a group also being imported, the group was not found because groups were being imported after components by DefaultImportExportManager Closes #10730 Signed-off-by: Kyale <github@chalkyweb.com>	2024-09-30 11:46:19 -03:00
Stefan Guilhen	6424708695	Ensure organization id is preserved on export/import - Also fixes issues with description, enabled, and custom attributes missing when re-importing the orgs. Closes #33207 Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>	2024-09-25 16:07:44 +02:00
Christian Janker	4cd64c822c	Log model migration on INFO level closes #33163 Signed-off-by: Christian Janker <christian.janker@gmx.at>	2024-09-24 22:00:52 +02:00
Benoît	bf19ec11cf	Fix UserStorageManager.getGroupMembersStream potentially fetching all user (#33145 ) Closes #32761 Signed-off-by: Benoit Messager <benoit.messager@liksi.fr> Co-authored-by: Benoit Messager <benoit.messager@liksi.fr>	2024-09-24 09:51:35 +02:00
Alexander Schwartz	2a95d0abfa	Sort order of updates for user properties (#32853 ) This should reduce deadlocks on the user property table if the users are updated concurrently. Closes #32852 Signed-off-by: Alexander Schwartz <aschwart@redhat.com>	2024-09-18 12:37:42 +02:00
Thomas Darimont	445a7da902	Ensure realm attributes import happens before client import Fixes #32799 Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>	2024-09-11 15:14:33 +02:00
Giuseppe Graziano	a14548a7a2	Lightweight access tokens for Admin REST API (#32347 ) * Lightweight access tokens for Admin REST API Closes #31513 Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>	2024-09-04 18:04:23 +02:00
Stefan Guilhen	88cca10472	Rename IDPSpi to IdentityProviderStorageSpi Closes #31639 Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>	2024-08-26 15:10:09 -03:00
Vlasta Ramik	d63c0fbd13	Decouple Identity provider mappers from RealmModel (#32251 ) * Decouple Identity provider mappers from RealmModel Closes #31731 Signed-off-by: vramik <vramik@redhat.com>	2024-08-22 12:05:19 -03:00
Stefan Guilhen	6e7b36e82f	Add migration tests for the IDP changes Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>	2024-08-19 09:06:35 -03:00
mposolda	3d787727f9	Add acr scope to all clients for those migrating from older than Keycloak 18 closes #31107 Signed-off-by: mposolda <mposolda@gmail.com>	2024-08-16 12:17:43 +02:00
Stefan Guilhen	aeb1951aba	Replace calls to deprecated RealmModel IDP methods - use the new provider instead Closes #31254 Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>	2024-08-15 10:55:36 -03:00
Martin Kanis	708a6898db	Add a count method to the OrganizationMembersResource Closes #31388 Signed-off-by: Martin Kanis <mkanis@redhat.com>	2024-08-15 09:12:57 -03:00
Michal Hajas	50c07c6e7c	Simplify configuration for MULTI_SITE Closes #31807 Signed-off-by: Michal Hajas <mhajas@redhat.com>	2024-08-06 16:14:33 +00:00
Pedro Ruivo	17e30e9ec1	Persist revoke tokens with remote cache feature Stores the revoked tokens into the database and preloads them during startup. Fixes #31760 Signed-off-by: Pedro Ruivo <pruivo@redhat.com>	2024-07-31 11:02:38 +02:00
Stefan Guilhen	c16e88bcee	Make the IDPProvider via session.identityProviders() Closes #31252 Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>	2024-07-29 16:02:26 +02:00
Pedro Igor	1f8280c71a	Allow members joining multiple organizations Closes #30747 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-07-29 09:02:36 +02:00
Alexander Schwartz	227c71f7f0	Persisting revoked access tokens Closes #31296 Signed-off-by: Alexander Schwartz <aschwart@redhat.com>	2024-07-26 11:46:14 +02:00
vramik	649b35929e	Make sure users created through a registration link are managed members Closes #30743 Signed-off-by: vramik <vramik@redhat.com>	2024-07-25 04:30:13 -03:00
Pedro Igor	cc2ccc87b0	Filtering organization groups when managing or processing groups Closes #30589 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-06-28 10:27:18 -03:00
Pedro Igor	a0ad680346	Adding an alias to organization and exposing them to templates Closes #30312 Closes #30313 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-06-20 14:36:14 -03:00
Pedro Ruivo	9006218559	External Infinispan as cache - Part 3 Implementation of UserLoginFailureProvider using remote caches only. Closes #28754 Signed-off-by: Pedro Ruivo <pruivo@redhat.com>	2024-06-19 14:47:57 +02:00
Pedro Ruivo	d2ae27a1e2	External Infinispan as cache - Part 1 Part 1 includes * New experimental feature to enable the new code * New providers using RemoteCache only * New test profile to run the tests with the experimental feature New providers' implementation for: * InfinispanConnectionProvider * AuthenticationSessionProvider * ClusterProvider Closes #28140 Signed-off-by: Pedro Ruivo <pruivo@redhat.com>	2024-06-19 14:47:57 +02:00
Martin Kanis	89f83e9788	Importing organizations failing if there is no broker and members in the representation Closes #30305 Signed-off-by: Martin Kanis <mkanis@redhat.com>	2024-06-19 08:46:04 -03:00
Pedro Ruivo	18a6c79011	Infinispan Protostream Marshaller (#29474 ) Closes #29394 Signed-off-by: Pedro Ruivo <pruivo@redhat.com> Co-authored-by: Alexander Schwartz <aschwart@redhat.com>	2024-06-13 18:02:46 +02:00
vramik	d355e38424	Provide a cache layer for the organization model Closes #30087 Signed-off-by: vramik <vramik@redhat.com>	2024-06-13 08:13:36 -03:00
Alexander Schwartz	a161827766	Migration of sessions in KC25 should run only on migration, not on imports Closes #30351 Signed-off-by: Alexander Schwartz <aschwart@redhat.com>	2024-06-12 23:16:54 +02:00
Giuseppe Graziano	6067f93984	Improvements to refresh token rotation with multiple tabs (#29966 ) Closes #14122 Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>	2024-06-07 12:02:36 +02:00
Pedro Igor	f8d55ca7cd	Export import realm with organizations Closes #30006 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-06-05 09:50:03 +02:00
Andrejs Mivreniks	1cf87407fe	Allow setting authentication flow execution priority value via Admin API Closes #20747 Signed-off-by: Andrejs Mivreniks <andrejs@fastmail.com>	2024-05-30 19:17:45 +02:00
mposolda	37c10b4d43	Improve documentation for the case when 'basic' client scope already exists closes #29880 Signed-off-by: mposolda <mposolda@gmail.com>	2024-05-29 13:32:05 +02:00
mposolda	ea1cdc10bd	MigrateTo25_0_0 does not complete within default transaction timeout closes #29756 Signed-off-by: mposolda <mposolda@gmail.com>	2024-05-27 10:31:39 +02:00
Marek Posolda	2efc163b89	Entry 999.0.0 in MIGRATION_MODEL prevents future migrations of the database Closes #27941 Signed-off-by: mposolda <mposolda@gmail.com>	2024-05-23 12:00:18 +00:00
vramik	278341aff9	Add organizations enabled/disabled capability Closes #28804 Signed-off-by: vramik <vramik@redhat.com>	2024-05-22 07:58:26 -03:00
Alexander Schwartz	80de3a0a71	Allow migration of non-persistent sessions to persistent sessions Closes #29375 Signed-off-by: Alexander Schwartz <aschwart@redhat.com>	2024-05-22 10:30:46 +02:00
Stefan Guilhen	dae1eada3d	Add enabled field to OrganizationEntity Closes #28891 Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>	2024-05-06 14:46:56 -03:00
Stefan Guilhen	45e5e6cbbf	Introduce filtered (and paginated) search for organization members Closes #28844 Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>	2024-05-02 11:25:43 -03:00
Tero Saarni	64862d568e	Convert database errors to 500 instead of 400. Signed-off-by: Tero Saarni <tero.saarni@est.tech>	2024-04-22 11:42:18 -03:00
mposolda	c427e65354	Secondary factor bypass in step-up authentication closes #34 Signed-off-by: mposolda <mposolda@gmail.com> (cherry picked from commit e632c03ec4dbfbb7c74c65b0627027390b2e605d)	2024-04-19 14:43:53 +02:00
Joerg Matysiak	76a5a27082	Refactored StripSecretsUtils in order to make it unit-testable, added unit tests for it Don't mask secrets at realm export Closes #21562 Signed-off-by: Joerg Matysiak <joerg.matysiak@bosch.com>	2024-04-18 18:26:47 -03:00
Pedro Igor	7483bae130	Make sure admin events are not referencing sensitive data from their representation Closes #21562 Signed-off-by: Joerg Matysiak <joerg.matysiak@bosch.com>	2024-04-18 18:26:47 -03:00
tqe1999	6e0fc8a774	fix integer overflow with explicit cast Closes #28564 Signed-off-by: tqe1999 <tqe1999@gmail.com>	2024-04-11 10:58:44 +02:00
Alexander Schwartz	63e7523a6d	Avoid unnecessary updates to the sessions during refreshes of tokens Closes #28388 Signed-off-by: Alexander Schwartz <aschwart@redhat.com>	2024-04-09 14:55:21 +02:00
Pedro Igor	52ba9b4b7f	Make sure attribute metadata from user storage providers are added only for the provider associated with a federated user Closes #28248 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-04-08 09:05:16 -03:00
Giuseppe Graziano	fe06df67c2	New default client scope for 'basic' claims with 'auth_time' protocol mapper Closes #27623 Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>	2024-04-02 08:44:28 +02:00

1 2

66 commits