andreaTP
36d258537a
Fix operator CI installing modules locally
2022-06-20 09:22:10 -03:00
Michal Hajas
781183e551
Enable indexing for ResourceServerEntity
...
Closes #12533
2022-06-20 10:17:19 +02:00
Martin Bartoš
d8112d7b7e
DB migration tests execution for Quarkus ( #12525 )
...
Closes #12524
2022-06-20 10:12:37 +02:00
andreaTP
3abcc699a1
Move all dist options to the new module
...
Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>
2022-06-17 09:06:40 -03:00
Alexander Schwartz
71e7982a49
Adding central time offset reset in model tests as it was missing for AuthenticationSessionTest and UserSessionPersisterProviderTest
...
Also adding try/finally in other places in the integration tests where it was missing.
Closes #12530
2022-06-16 13:42:55 +02:00
nehachopra27
39cff0750c
[Fix keycloak#12385] Update option to run kc.bat on windows instead of kc.sh ( #12386 )
...
Co-authored-by: nchopra <nchopra@redhat.com>
Resolves #12385
2022-06-15 11:29:11 -03:00
vramik
1b3a76d0af
Do not persist client sessions of transient user sessions
...
Closes #12357
2022-06-15 10:54:23 +02:00
Marek Posolda
e856a62fb2
Make CertificateUtils class to work with both fips and non-fips ( #12499 )
...
Closes #12498
2022-06-15 09:39:03 +02:00
vramik
df41f233d5
Introduce unique index for enums stored by storages
...
Closes #12277
2022-06-15 09:12:10 +02:00
Lex Cao
06dfb45c39
Remove non-standard code_challenge_method
from token request for IDP ( #12473 )
...
Closes #12141
2022-06-14 20:46:35 +02:00
Václav Muzikář
60702cfb44
KerberosLdapTest
is failing on Undertow
2022-06-14 20:20:44 +02:00
dependabot[bot]
fcf14c8574
Bump github/codeql-action from 2.1.11 to 2.1.12
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.1.11 to 2.1.12.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](https://github.com/github/codeql-action/compare/v2.1.11...v2.1.12 )
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-06-14 11:53:39 -03:00
Dominik Guhr
9df0d9a5c4
Fixes wrong values shown for configkeys (e.g. http-enabled) in show-config when in dev-mode.
...
also removes unnecessary internal and self-referencing values from output
Closes #9525
Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>
2022-06-14 09:19:03 -03:00
Martin Bartoš
0fef4305b6
Logout confirm page is failing to log the user out on auth-server-wildfly
...
Fixes #11753
2022-06-14 10:46:02 +02:00
mposolda
3aefb59d40
Fix test failure in X509BrowserCRLTest on IBM JDK. Don't display details of exception message to the end user
...
Closes #12458
2022-06-14 10:44:31 +02:00
Stian Thorgersen
39a507f0cb
Update mvnw to 3.8.6 ( #12492 )
...
Closes #12491
2022-06-14 10:28:40 +02:00
Alexander Schwartz
c2043da78e
When asserting a URL, allow for some time for any redirect to complete.
...
Closes #12446
2022-06-14 07:30:31 +02:00
Stian Thorgersen
fb18b693c4
Add Maven settings for release jobs ( #12479 )
...
Closes #12474
2022-06-13 15:53:44 +02:00
Václav Muzikář
105d3b955b
Refactor Operator test packages
2022-06-13 10:01:43 -03:00
Yohan Siguret
0eaeaef5f0
add display-name and help-text for idp-email-verification and idp-username-password ( #12056 )
...
Closes #12055
2022-06-12 20:07:15 -04:00
Yohan Siguret
48ffe99f02
Add french i18n for login and email ( #12054 )
...
Closes #11949
2022-06-12 20:06:31 -04:00
Christoph Leistert
442eff0169
Closes #11851 : Apply localization text from realm default locale when it is not defined for the requested language. ( #11852 )
2022-06-10 14:36:11 -04:00
Franck Kerbiriou
eed790cc2f
Update logout and idp login translation ( #11950 )
...
https://github.com/keycloak/keycloak/issues/11949
Closes #11949
Co-authored-by: Franck Kerbiriou <franck.kerbiriou@dcbrain.com>
2022-06-10 13:50:52 -04:00
Bruno Oliveira da Silva
cd1ea3054e
Snyk workflow failing while building Quarkus ( #12389 )
...
Resolves #12380
2022-06-10 10:18:07 -03:00
Dominik Guhr
b5c8f92fe7
Update Quarkus to 2.7.6.Final ( #12371 )
...
Resolves #12370
2022-06-10 09:14:59 -03:00
Martin Bartoš
2cf089424a
ClientClientScopesTest failures in the test pipeline ( #12440 )
...
Resolves #12439
2022-06-10 09:13:25 -03:00
Andrea Peruffo
e955a7c9c5
Remove the external base-deployment.yaml file ( #12437 )
...
Resolves #12436
2022-06-09 13:45:25 -03:00
Tobias Florek
fa22f1bdc7
ingress: set annotation for openshift routes
...
fixes #12182
2022-06-09 13:44:26 -03:00
andreaTP
a40acd413a
Fix Ingress creation/deletion loop
2022-06-09 13:26:48 -03:00
Alexander Schwartz
361a813d81
Keep a list of model instances in the JPA map session.
...
This allows removing them from the persistence context on bulk delete.
Closes #12384
2022-06-09 12:39:04 -03:00
Joerg Matysiak
3c19ad627f
Repsect permissions configured to firstName and lastName when configured in user profile
...
Resolves #12109
2022-06-09 10:10:15 -03:00
Dominik Guhr
c4001ba198
Fix running operator image tests with prebuilt image
...
Closes #9898
Co-authored-by: Andrea Peruffo <andrea.peruffo1982@gmail.com>
2022-06-09 09:55:26 -03:00
Pedro Igor
5e5cfff4e2
Resolve default values for runtime options when running re-aug
...
Closes #10818
2022-06-09 08:32:30 -03:00
Pedro Igor
b34f46155c
Allow setting the admin hostname
...
Closes #12190
2022-06-08 16:41:43 -03:00
Pedro Igor
8aecba1795
Fixing how realm frontendurl is cached when resolving the hostname
...
Closes #11894
2022-06-08 16:41:25 -03:00
Bruno Oliveira da Silva
6ca6588391
Update undertow dependency to fix CVE-2021-3597
...
Resolves #12390
2022-06-08 10:05:16 -03:00
Pedro Igor
c18b87af5f
Keycloak server fails to start when using different named schema
...
Closes #12219
2022-06-08 09:10:25 -03:00
Alexander Schwartz
9272c7a5ec
Allow for the backend to return granted scopes in any order.
...
Closes #12395
2022-06-08 08:39:14 -03:00
mposolda
5d2bf6ea33
Cannot find ScriptEngine for JDK8 and Wildfly
...
Closes #12247
2022-06-08 11:11:36 +02:00
Stian Thorgersen
73c3517436
Upgrade to WildFly 26.1.1 ( #12368 )
...
Closes #12178
2022-06-07 16:40:40 +02:00
Pedro Igor
243e63c9f3
Do not set empty permissions to username and email attributes
...
Closes #11647
2022-06-07 10:59:35 -03:00
Pedro Igor
5f349195bb
Provide a separate guide for configuring the server truststore
...
Closes #12260
2022-06-07 10:57:37 -03:00
Sebastian Schuster
a0c402b93a
11198 added event information to consent granting and revocation via REST API ( #11199 )
2022-06-07 11:29:20 +02:00
Stian Thorgersen
e49e8335e0
Refactor BouncyIntegration ( #12244 )
...
Closes #12243
2022-06-07 09:02:00 +02:00
Martin Kanis
df72cf72f2
Hot Rod map storage: Single-use (action token) no-downtime store
2022-06-06 16:01:18 +02:00
Bruno Oliveira da Silva
a102e28dbb
Update webauthn4j to 0.20.0
...
A new version which contains a couple of
bug fixes plus CVE updates for its dependencies:
Breaking changes
- Add EdDSA support #662
- Correct AuthenticationAlgorithm(0x0011) value #657
Dependency Upgrades
- Bump spring-boot-dependencies from 2.6.7 to 2.7.0 #661
- Bump jacksonVersion from 2.13.2 to 2.13.3 #660
- Bump kerby-asn1 from 2.0.1 to 2.0.2 #659
Bump checker-qual from 3.21.4 to 3.22.0 #654
Resolves #12311
2022-06-06 13:45:17 +02:00
rmartinc
5332a7d435
Issue #9194 : Client authentication fails when using signed JWT, if the JWA signing algorithm is not RS256
2022-06-06 12:07:09 +02:00
Alexander Bokovoy
1915f11cba
OAuth2DeviceConfig: fix polling interval defaults
...
Instead of DEFAULT_OAUTH2_DEVICE_POLLING_INTERVAL, constant for the
lifespan was used to initialize the default polling interval.
This leads to inability to continuously poll the result as the result
stuck in the actionTokens cache for far longer than expected (600
seconds instead of 5 seconds). As a result, only the first request for
the token succeeds if a resource owner already did grant the access. If
that has not happened, any additional polling within 600 seconds would
get rejected with a 'slow_down' response.
This makes hard to write OAuth 2.0 clients using device code
authorization grant flow against multiple IdPs. Microsoft's
implementation of OAuth 2.0 device code grant flow requires 'nudging'
the Authorization Server's token endpoint before it even starts
recognizing the device code. Keycloak mismatch of the polling interval
default makes this flow impossible.
Closes #12327
Signed-off-by: Alexander Bokovoy <abokovoy@redhat.com>
2022-06-06 11:54:56 +02:00
Takashi Norimatsu
3889eeda30
Client Policies: pkce-enforcer executor with client-access-type condition is not applied on client change via Admin API
...
Closes #12295
2022-06-06 11:30:48 +02:00
Nick Farley
91e88f554e
Replaces instances of himself
with more inclusive language
...
Closes #12300
2022-06-03 12:25:14 -03:00