Commit graph

23856 commits

Author SHA1 Message Date
Erik Jan de Wit
28c9f98930
moved login screen to patternfly 5 (#25340)
* moved login screen to patternfly 5

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* added Feature flag to enable login v2

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* removed the old css and only include logo and background styles

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* changed to experimental

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* added login2

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* added windows help texts

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

---------

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
2024-01-25 13:45:53 +01:00
Ricardo Martin
b58f35fb47
Revert "Enable verify profile required action by default for new realms" (#26495)
This reverts commit 7f195acc14.

Signed-off-by: rmartinc <rmartinc@redhat.com>
2024-01-25 12:28:16 +01:00
Sol Roberts
29bc02a699
fix http_tlsSecret example for operator (#26282)
Signed-off-by: BadgerOps <github@badgerops.net>
2024-01-25 11:10:56 +01:00
Stefan Wiedemann
efa6ddc41e
Create SPI and Provider for Verifiable Credentials Signing #25937 (#26263)
* implement oid4vci service interfaces

Signed-off-by: Stefan Wiedemann <wistefan@googlemail.com>

* add oid4vc to the disabled features test

Signed-off-by: Stefan Wiedemann <wistefan@googlemail.com>

* fix test and add doc

Signed-off-by: Stefan Wiedemann <wistefan@googlemail.com>

* add the new preview feature

Signed-off-by: Stefan Wiedemann <wistefan@googlemail.com>

* add class-level doc

remove wildcard imports

Signed-off-by: Stefan Wiedemann <wistefan@googlemail.com>

* add license headers

Signed-off-by: Stefan Wiedemann <wistefan@googlemail.com>

* fix year

Signed-off-by: Stefan Wiedemann <wistefan@googlemail.com>

* fix teste

Signed-off-by: Stefan Wiedemann <wistefan@googlemail.com>

* two additional test fixes

Signed-off-by: Stefan Wiedemann <wistefan@googlemail.com>

* make the feature experimental

Signed-off-by: Stefan Wiedemann <wistefan@googlemail.com>

* remove clock

Signed-off-by: Stefan Wiedemann <wistefan@googlemail.com>

* remove usage of var

Signed-off-by: Stefan Wiedemann <wistefan@googlemail.com>

* fix tests

Signed-off-by: Stefan Wiedemann <wistefan@googlemail.com>

---------

Signed-off-by: Stefan Wiedemann <wistefan@googlemail.com>
2024-01-25 07:36:28 +01:00
Stian Thorgersen
cbfdae5e75
Remove support for multiple AUTH_SESSION_ID cookies (#26462)
Closes #26457

Signed-off-by: stianst <stianst@gmail.com>
2024-01-25 06:58:42 +01:00
rmartinc
7f195acc14 Enable verify profile required action by default for new realms
Closes #25985

Signed-off-by: rmartinc <rmartinc@redhat.com>
2024-01-24 20:28:06 +01:00
Thomas Darimont
e7363905fa Change password hashing defaults according to OWASP recommendations (#16629)
Changes according to the latest [OWASP cheat sheet for secure Password Storage](https://cheatsheetseries.owasp.org/cheatsheets/Password_Storage_Cheat_Sheet.html#pbkdf2):

- Changed default password hashing algorithm from pbkdf2-sha256 to pbkdf2-sha512
- Increased number of hash iterations for pbkdf2-sha1 from 20.000 to 1.300.000
- Increased number of hash iterations for pbkdf2-sha256 from 27.500 to 600.000
- Increased number of hash iterations for pbkdf2-sha512 from 30.000 to 210.000
- Adapt PasswordHashingTest to new defaults
- The test testBenchmarkPasswordHashingConfigurations can be used to compare the different hashing configurations.
- Document changes in changes document with note on performance and how
  to keep the old behaviour.
- Log a warning at the first time when Pbkdf2PasswordHashProviderFactory is used directly

Fixes #16629

Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>
2024-01-24 18:35:51 +01:00
Stian Thorgersen
208e3a6529
Exclude ubuntu-latest (sanity-check-zip) as it is running the full zip (#26463)
Signed-off-by: stianst <stianst@gmail.com>
2024-01-24 16:48:41 +00:00
Peter Zaoral
d23383e79c Stabilizing the FipsDistTest
* increased the timeout to let Keycloak stop

Closes #26374

Signed-off-by: Peter Zaoral <pzaoral@redhat.com>
2024-01-24 16:54:56 +01:00
Václav Muzikář
7a57bfb504
Fix createdAt format in Operator CSV (#26428)
Closes #26427

Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>
2024-01-24 16:41:44 +01:00
Florian Garcia
af0b9164e3
fix: hardcoded conditional rendering of client secret input field (#25776)
Closes #22660

Signed-off-by: ImFlog <garcia.florian.perso@gmail.com>
Co-authored-by: useresd <yousifmagdi@gmail.com>
2024-01-24 16:30:22 +01:00
agagancarczyk
4061abf588
fixed bug (#26453)
Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>
Co-authored-by: Agnieszka Gancarczyk <agancarc@redhat.com>
2024-01-24 12:59:32 +00:00
Stian Thorgersen
85ddac26ed
Remove code that expires old cookie paths (#26444)
Closes #26416

Signed-off-by: stianst <stianst@gmail.com>
2024-01-24 13:43:03 +01:00
vickeybrown
86098242a5
Added Client Type feature flag to begin client type work (#26389)
* Added Client Type feature flag to begin client type work

Closes #26346

Signed-off-by: vibrown <vibrown@redhat.com>

* Fixed formatting issue

Signed-off-by: vibrown <vibrown@redhat.com>

* Updated HelpCommandDistTest messages

Signed-off-by: vibrown <vibrown@redhat.com>

* Fixed formatting on HelpCommandDistTest messages

Signed-off-by: vibrown <vibrown@redhat.com>

---------

Signed-off-by: vibrown <vibrown@redhat.com>
2024-01-24 12:07:07 +00:00
Lex Cao
142c14138f Add verify email required action for IdP email verification
Closes #26418

Signed-off-by: Lex Cao <lexcao@foxmail.com>
2024-01-24 12:15:09 +01:00
Takashi Norimatsu
b99f45ed3d Supporting EdDSA
closes #15714

Signed-off-by: Takashi Norimatsu <takashi.norimatsu.ws@hitachi.com>

Co-authored-by: Muhammad Zakwan Bin Mohd Zahid <muhammadzakwan.mohdzahid.fg@hitachi.com>
Co-authored-by: rmartinc <rmartinc@redhat.com>
2024-01-24 12:10:41 +01:00
Erik Jan de Wit
3b3eef2560
Added data-testid to expandable nav (#26445)
Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
2024-01-24 11:54:17 +01:00
Stian Thorgersen
fea49765f0
Remove Jetty 9.4 adapters (#26261)
Only removing the distribution of the Jetty adapter for now, and leaving the rest for now. This is due to the complexity of removing all Jetty adapter code due to Spring, OSGI, Fuse, testsuite, etc. and it will be better to leave the rest of the clean-up to after 24 when we are removing most adapters

Closes #26255

Signed-off-by: stianst <stianst@gmail.com>
2024-01-24 11:17:29 +01:00
Douglas Palmer
ee5593a88f CVE-2022-1471- SnakeYaml remote code execution by sending malicious YAML content
Closes #25261
Signed-off-by: Douglas Palmer dpalmer@redhat.com
2024-01-24 11:08:17 +01:00
Peter Keuter
21bdea3b71
Groups should be clickable when user has view-access on the group (#26033)
Closes #26040

Signed-off-by: Peter Keuter <github@peterkeuter.nl>
2024-01-24 09:17:39 +00:00
Peter Keuter
a0bcf35236
fix: check actual subgroup rights when clicking a subgroup (#26230)
Signed-off-by: Peter Keuter <github@peterkeuter.nl>
2024-01-24 07:30:47 +00:00
agagancarczyk
00fdb8e2f5
Fixed dropdown form in clients authorization policies tab (#26424)
* fixed dropdown forms in clients authorization

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>

* improved translations

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>

* improved

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>

---------

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>
Co-authored-by: Agnieszka Gancarczyk <agancarc@redhat.com>
2024-01-24 07:49:27 +01:00
Steven Hawkins
93e90789fe
fix: auto-build not needed for build (#26099)
closes #26075

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
2024-01-23 17:56:34 +01:00
Jon Koops
ea5888ef38
Add missing translations for WebAuthN Passwordless in Account Console (#26421)
Closes #26420

Signed-off-by: Jon Koops <jonkoops@gmail.com>
2024-01-23 16:00:12 +00:00
Martin Kanis
84603a9363
Map Store Removal: Rename Legacy* classes (#26273)
Closes #24105

Signed-off-by: Martin Kanis <mkanis@redhat.com>
2024-01-23 13:50:31 +00:00
Jon Koops
5bf2d4b6ec
Enable PKCE by default for Keycloak JS (#26412)
Closes #26411

Signed-off-by: Jon Koops <jonkoops@gmail.com>
2024-01-23 14:04:13 +01:00
Thomas Darimont
cc7d6a9b79
Improve wording for Concepts for configuring thread pools in docs
Closes #26402

Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
2024-01-23 12:56:55 +00:00
agagancarczyk
662c705d66
fixed typo (#26408)
Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>
Co-authored-by: Agnieszka Gancarczyk <agancarc@redhat.com>
2024-01-23 11:22:23 +00:00
Jon Koops
4c5bf596aa
Ensure key prop of credentials list is unique (#26410)
Closes #26409

Signed-off-by: Jon Koops <jonkoops@gmail.com>
2024-01-23 11:08:20 +00:00
agagancarczyk
73e5c8290f
Fixed a11y violations and typos in translations for messages in the dialog message for disabling clients. (#26395)
* fixed critical violations

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>

* fixed more a11y violations

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>

* renamed translation

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>

* added area-label

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>

* added area-label

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>

* renamed spinners translation

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>

---------

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>
Co-authored-by: Agnieszka Gancarczyk <agancarc@redhat.com>
2024-01-23 09:28:50 +00:00
Peter Zaoral
d9f8a1bf4e
Testing Keycloak with nightly Quarkus releases (#23407)
Closes #23322

Signed-off-by: Peter Zaoral <pzaoral@redhat.com>
2024-01-23 09:43:31 +01:00
dependabot[bot]
35d2be9468 Bump @typescript-eslint/parser from 6.19.0 to 6.19.1 in /js
Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) from 6.19.0 to 6.19.1.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v6.19.1/packages/parser)

---
updated-dependencies:
- dependency-name: "@typescript-eslint/parser"
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-01-23 08:11:55 +01:00
dependabot[bot]
6f00b7d280 Bump @testing-library/jest-dom from 6.2.0 to 6.2.1 in /js
Bumps [@testing-library/jest-dom](https://github.com/testing-library/jest-dom) from 6.2.0 to 6.2.1.
- [Release notes](https://github.com/testing-library/jest-dom/releases)
- [Changelog](https://github.com/testing-library/jest-dom/blob/main/CHANGELOG.md)
- [Commits](https://github.com/testing-library/jest-dom/compare/v6.2.0...v6.2.1)

---
updated-dependencies:
- dependency-name: "@testing-library/jest-dom"
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-01-23 07:53:53 +01:00
dependabot[bot]
6f290eafa0 Bump @typescript-eslint/eslint-plugin from 6.19.0 to 6.19.1 in /js
Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) from 6.19.0 to 6.19.1.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v6.19.1/packages/eslint-plugin)

---
updated-dependencies:
- dependency-name: "@typescript-eslint/eslint-plugin"
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-01-23 07:53:24 +01:00
Sebastian Schuster
8807562593
Make role mapping tab visible with view user permissions (#26386)
Co-authored-by: Salem Wafi <32916450+SalemWafi@users.noreply.github.com>
Signed-off-by: Sebastian Schuster <sebastian.schuster@bosch.io>
2024-01-22 17:06:25 +01:00
Jon Koops
03b03f3ccd
Add missing translations for WebAuthN in Account Console (#26384)
Closes #26383

Signed-off-by: Jon Koops <jonkoops@gmail.com>
2024-01-22 16:04:22 +00:00
agagancarczyk
43053b8a82
Fixed translation for search box in clients authorization policies tab (#26387)
* resolved conflict

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>

* resolved conflict

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>

---------

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>
Co-authored-by: Agnieszka Gancarczyk <agancarc@redhat.com>
2024-01-22 16:10:37 +01:00
agagancarczyk
37e0f8f92b
Fixed resource and permission names and tooltip message (#26385)
* fixed typo

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>

* renamed key

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>

---------

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>
Co-authored-by: Agnieszka Gancarczyk <agancarc@redhat.com>
2024-01-22 15:47:18 +01:00
agagancarczyk
4a49759aa0
More a11y fixes (#26344)
* fixed a11y violations

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>

* fixed more a11y violations

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>

* a11y fixes

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>

* fixed a11y violations

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>

* fixed more a11y violations

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>

---------

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>
Co-authored-by: Agnieszka Gancarczyk <agancarc@redhat.com>
2024-01-22 08:04:27 -05:00
Douglas Palmer
ffa069a33b Invalidate authentication session on repeated Recovery Code failures
Closes #26180

Signed-off-by: Douglas Palmer <dpalmer@redhat.com>
2024-01-22 11:57:47 +01:00
Zhikai Chen
359ccc060d
Update Chinese Translation (#26297)
Closes #26295

Signed-off-by: zhikaichen <czk1997@gmail.com>
2024-01-22 11:26:36 +01:00
Alexander Schwartz
e6cd9a2987
Remove product specific content about Linux only (#26222)
Closes #26220

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-01-22 10:38:07 +01:00
dependabot[bot]
e4910b350e
Bump rollup from 4.9.5 to 4.9.6 in /js (#26370)
Bumps [rollup](https://github.com/rollup/rollup) from 4.9.5 to 4.9.6.
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rollup/rollup/compare/v4.9.5...v4.9.6)

---
updated-dependencies:
- dependency-name: rollup
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-22 09:07:11 +00:00
dependabot[bot]
cbd90588e4
Bump rollup (#26371)
Bumps [rollup](https://github.com/rollup/rollup) from 4.9.5 to 4.9.6.
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rollup/rollup/compare/v4.9.5...v4.9.6)

---
updated-dependencies:
- dependency-name: rollup
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-22 09:47:47 +01:00
dependabot[bot]
01da3db357 Bump react-i18next from 14.0.0 to 14.0.1 in /js
Bumps [react-i18next](https://github.com/i18next/react-i18next) from 14.0.0 to 14.0.1.
- [Changelog](https://github.com/i18next/react-i18next/blob/master/CHANGELOG.md)
- [Commits](https://github.com/i18next/react-i18next/compare/v14.0.0...v14.0.1)

---
updated-dependencies:
- dependency-name: react-i18next
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-01-22 09:46:59 +01:00
Erik Jan de Wit
37790c7956
Add a way to extend the UI with an Java API (#23772)
* POC to see how we could extend the UI

This is very crude and there are still open issues that need to be worked out

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* added saving option

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* added list and recreate client form

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* add tab ui

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* integrate tabs

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* remove examples

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* fixed error messages

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* added Feature for ui customization

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

---------

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
2024-01-22 08:19:58 +00:00
dependabot[bot]
96c882447d Bump @playwright/test from 1.41.0 to 1.41.1 in /js
Bumps [@playwright/test](https://github.com/microsoft/playwright) from 1.41.0 to 1.41.1.
- [Release notes](https://github.com/microsoft/playwright/releases)
- [Commits](https://github.com/microsoft/playwright/compare/v1.41.0...v1.41.1)

---
updated-dependencies:
- dependency-name: "@playwright/test"
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-01-22 09:15:56 +01:00
dependabot[bot]
a6cef9d3af Bump jsdom from 23.2.0 to 24.0.0 in /js
Bumps [jsdom](https://github.com/jsdom/jsdom) from 23.2.0 to 24.0.0.
- [Release notes](https://github.com/jsdom/jsdom/releases)
- [Changelog](https://github.com/jsdom/jsdom/blob/main/Changelog.md)
- [Commits](https://github.com/jsdom/jsdom/compare/23.2.0...24.0.0)

---
updated-dependencies:
- dependency-name: jsdom
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-01-22 09:15:31 +01:00
dependabot[bot]
2bf805ae34 Bump i18next from 23.7.16 to 23.7.18 in /js
Bumps [i18next](https://github.com/i18next/i18next) from 23.7.16 to 23.7.18.
- [Release notes](https://github.com/i18next/i18next/releases)
- [Changelog](https://github.com/i18next/i18next/blob/master/CHANGELOG.md)
- [Commits](https://github.com/i18next/i18next/compare/v23.7.16...v23.7.18)

---
updated-dependencies:
- dependency-name: i18next
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-01-22 09:14:58 +01:00
dependabot[bot]
afbf5c6af8 Bump vite from 5.0.11 to 5.0.12 in /js
Bumps [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) from 5.0.11 to 5.0.12.
- [Release notes](https://github.com/vitejs/vite/releases)
- [Changelog](https://github.com/vitejs/vite/blob/v5.0.12/packages/vite/CHANGELOG.md)
- [Commits](https://github.com/vitejs/vite/commits/v5.0.12/packages/vite)

---
updated-dependencies:
- dependency-name: vite
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-01-22 09:14:07 +01:00