libre.sh/keycloak-scim
3
0
Fork 0
Code Issues 15 Pull requests Releases Packages Activity Actions
14489 commits 4 branches 5 tags 483 MiB
Commit graph

180 commits

Author SHA1 Message Date
Alexander Schwartz
098d4dda0e
Split PublicKeyStorageProvider (#12897) 
Split PublicKeyStorageProvider

- Extract clearCache() method to separate interface and move it to the legacy module
- Make PublicKeyProvider factories environment dependent
- Simple map storage for public keys that just delegates

Resolves #12763

Co-authored-by: Martin Kanis <mkanis@redhat.com>
 2022-07-05 09:57:51 -03:00
Stefan Guilhen
007fa1f374 Single Use Objects Map JPA implementation 
Closes #9852
 2022-07-04 10:05:51 -03:00
Jon Koops
06d1b4faab Restore enum variant of ResourceType 
This reverts commit 3b5a578934.
 2022-06-30 12:20:51 -03:00
Alexander Schwartz
692ce0cd91 Moving ClientStorageProvider to the legacy modules 
This prepares the move of CachedObject and CacheableStorageProviderModel

Closes #12531

fixup! Moving ClientStorageProvider to the legacy modules
 2022-06-29 20:04:32 +02:00
vramik
3b5a578934 Change enum ResourceType to interface with String constants 
Closes #12485
 2022-06-29 13:35:11 +02:00
vramik
91335ebaad Change returning type to Set in MapClientEntity when obtaining protocol mappers 
Closes #11136
 2022-06-28 21:47:56 +02:00
Alexander Schwartz
4b499c869c Encapsulate MigrationModelManager in legacy module 
Closes #12214
 2022-06-28 10:53:04 +02:00
Michal Hajas
e0efdcae22 Make sure HotRod store does not return empty delegate 
Closes #12304
 2022-06-27 15:10:18 +02:00
Stefan Guilhen
7d96f3ad5a Events Map JPA implementation 
Closes #9667
 2022-06-21 13:53:48 +02:00
Alexander Schwartz
896afc4644 rename SingleEntityCredentialManager to SubjectCredentialManager, part 2 2022-06-21 08:53:06 +02:00
Alexander Schwartz
cb0c881821 rename SingleEntityCredentialManager to SubjectCredentialManager 2022-06-21 08:53:06 +02:00
Alexander Schwartz
84d21f0230 for all added files in the PR, update the copyright header or add it if it was missing 2022-06-21 08:53:06 +02:00
Hynek Mlnarik
f1ca325b6b Add map datastore provider 2022-06-21 08:53:06 +02:00
Hynek Mlnarik
e396d0daa1 Renaming SingleUserCredentialManager and UserModel.getUserCredentialManager(): 
- class SingleUserCredentialManager to SingleEntityCredentialManager
- method UserModel.getUserCredentialManager() to credentialManager()

Renaming of API without "get" prefix to make it consistent with other APIs like for example with KeycloakSession
 2022-06-21 08:53:06 +02:00
Alexander Schwartz
6f287e7ded Avoid using methods on UserCredentialStoreManager 2022-06-21 08:53:06 +02:00
Alexander Schwartz
bc8fd21dc6 SingleUserCredentialManager moving in 
- UserStorageManager now handles authentication for old Kerberos+LDAP style
- new getUserByCredential method in MapUserProvider would eventually do the same.
 2022-06-21 08:53:06 +02:00
Alexander Schwartz
82094d113e Move User Storage SPI, introduce ExportImportManager 2022-06-21 08:53:06 +02:00
Michal Hajas
0719d3e49b Remove EXPIRATION fields and add expired entities filtering to all queries automatically 
Closes #12563
 2022-06-20 21:45:32 +02:00
Michal Hajas
22f9b0fee3 Unify expiration handling for SingleUseObjects 
Closes #12205
 2022-06-20 21:45:32 +02:00
vramik
1b3a76d0af Do not persist client sessions of transient user sessions 
Closes #12357
 2022-06-15 10:54:23 +02:00
vramik
df41f233d5 Introduce unique index for enums stored by storages 
Closes #12277
 2022-06-15 09:12:10 +02:00
Martin Kanis
df72cf72f2 Hot Rod map storage: Single-use (action token) no-downtime store 2022-06-06 16:01:18 +02:00
Martin Kanis
75754eca6b Extract timestamp from Expirable entity 2022-06-01 13:03:31 +02:00
vramik
be28e866b9 JPA map storage: Authorization services no-downtime store 
Closes #9669
 2022-05-30 21:05:34 +02:00
Michal Hajas
9b36ea0269 Add cascade removal of client session on user session removal for HotRod 
Closes #12096
 2022-05-30 09:58:54 +02:00
Michal Hajas
1a98765fb7 Fix cascade removal of client session on user session removal for CHM 
Closes #12146
 2022-05-30 09:58:54 +02:00
Michal Hajas
bc59fad85b Unify way how expirable entities are handled in the new store 
Closes #11947
 2022-05-26 13:17:27 +02:00
Martin Kanis
0cb3c95ed5 Map storage: Single-use objects (action token) 2022-05-25 16:47:10 +02:00
Alexander Schwartz
d1a92680f5 Optimize querying sub-groups of groups 
Closes #12080
 2022-05-19 14:46:53 +02:00
Michal Hajas
0bda7e6038 Introduce map event store with CHM implementation 
Closes #11189
 2022-05-17 12:57:35 +02:00
Michal Hajas
d3b43a9f59 Make sure there is always Realm or ResourceServer when searching for authz entities 
Closes #11817
 2022-05-11 07:20:01 -03:00
Alexander Schwartz
bfab03b837 Throw an IllegalArgumentException once a ClassCastException occurs. 
Closes #11775
 2022-05-11 09:19:09 +02:00
Michal Hajas
6b5c417742 Add HotRod store for authorization services 
Closes #9679
 2022-05-06 15:31:38 +02:00
Michal Hajas
fc974fc019 Update composite roles on child role removal 
Closes #11769
 2022-05-05 15:18:18 +02:00
vramik
0d83b51b20 Enhance Map authz entities with REALM_ID (ResourceServer with CLIENT_ID) searchable field 
Co-authored-by Michal Hajas <mhajas@redhat.com>

Closes #10883
 2022-05-03 12:56:27 +02:00
Sven-Torben Janus
0efa4afd49 Evaluate composite roles for hardcoded LDAP roles/groups 
Closes: 11771

see also KEYCLOAK-18308
 2022-05-02 14:13:37 +02:00
vramik
2ecf250e37 Deletion of all objects when realm is being removed 
Closes #11076
 2022-04-28 11:09:17 +02:00
vramik
5248815091 Disable infinispan realm and user cache for map storage tests 
Closes #11213
 2022-04-25 09:38:49 +02:00
Hynek Mlnarik
0ce5dfc09c Remove dependency of map on services 
Fixes: 8903
 2022-04-22 17:27:21 +02:00
vramik
3d1118223b New Storage: Testsuite fails when JPA Map storage is enabled for groups 
Closes #11369
 2022-04-21 11:14:35 +02:00
Stefan Guilhen
b29b27d731 Ensure code does not rely on a particular format for the realm id or component id 2022-04-20 14:40:38 +02:00
Pedro Igor
c5e4dc8cec
Associated permissions should only add resource type permissions if the resource is an instance (#11220) 
Closes #11148
 2022-04-19 09:10:14 +02:00
Bruno Oliveira da Silva
f9d4566723 Replace the cryptographic algorithm by SHA-2 
The static code scanning analysis detected the usage of MD5 as part of [
MapDeploymentStateProviderFactory](a6dd9dc0f1/model/map/src/main/java/org/keycloak/models/map/deploymentState/MapDeploymentStateProviderFactory.java (L58-L58)).

Even though we could not find any ways of exploiting the code, we should
avoid its usage considering that MD5 is not collision-resistant.

Resolves #11290
 2022-04-18 07:10:04 -03:00
Alexander Schwartz
5c1a8d401d Store time as seconds as a long in map store 
This avoids overflowing the value in 2038.

Closes #10960
 2022-04-12 14:22:44 +02:00
Stefan Guilhen
d952669f69 Add clearUpdatedFlag so the flag in associated protocol mappers can be cleared as well 
Closes #11118
 2022-04-08 09:36:55 +02:00
Michal Hajas
1f2ebf4cba Add HotRod no downtime store for Realms 
Closes #9670
 2022-04-08 09:36:01 +02:00
Martin Kanis
3bb4081bd1 Convert user / client session entities into interface 2022-04-08 09:34:01 +02:00
Michal Hajas
f4f5928727 Add type to filters in MapResourceStore 
Closes #11154
 2022-04-07 15:10:20 -03:00
Martin Kanis
3356e8b098 Convert login failure entities into interface 2022-03-29 18:40:53 +02:00
Stefan Guilhen
d8bee26ec8 Implement AbstractClientEntity.isUpdated to account for changes in associated protocol mappers. 
Closes #10927
 2022-03-29 18:35:28 +02:00