libre.sh/keycloak-scim
2
0
Fork 0
Code Issues 14 Pull requests Releases Packages Activity Actions 6
22789 commits 4 branches 5 tags 480 MiB
Commit graph

6181 commits

Author SHA1 Message Date
Alexander Schwartz
2eb37dbe4f Remove MS SQL JDBC driver from the Keycloak product 
Closes #22983
 2023-09-07 15:30:34 +02:00
Peter Skopek
ef272f7668 SAML Adapter fix for EAP8 and WF29 
Signed-off-by: Peter Skopek <pskopek@redhat.com>
 2023-09-07 13:32:25 +02:00
Kaustubh B
5ee2ba9372 Added tests 2023-09-07 08:43:35 +02:00
Martin Bartoš
6ca78b7554 Return Oracle JDBC driver to the upstream 
Closes #22999
 2023-09-06 19:11:29 +02:00
rmartinc
8887be7887 Add a new identity provider for LinkedIn based on OIDC 
Closes https://github.com/keycloak/keycloak/issues/22383
 2023-09-06 16:13:31 +02:00
Pedro Igor
13e5a02b9f Role mappers must return a single value when they are not multivalued 
Closes #20218
 2023-08-31 19:16:12 +02:00
mposolda
57e51e9dd4 Use an original domain name of Kerberos Principal in UserModel attribute instead of configured value of Kerberos realm in User federation 
closes #20045
 2023-08-30 13:24:48 +02:00
vramik
4cd34f8423 Update logging properties for showing SQL statements and JDBC parameters 
Closes #22815
 2023-08-30 12:52:08 +02:00
Marek Posolda
6f989fc132
Fallback to next LDAP/Kerberos provider when not able to find authenticated Kerberos principal (#22531) 
closes #22352 #9422
 2023-08-29 11:21:01 +00:00
Pedro Igor
ea3225a6e1 Decoupling legacy and dynamic user profiles and exposing metadata from admin api 
Closes #22532

Co-authored-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
 2023-08-29 08:14:47 -03:00
Pedro Igor
b779df6a55 Parsing response from user info rather than the access token 
Closes #22581
 2023-08-29 12:23:56 +02:00
Tomas Ondrusko
e70ffd0105
Handle GitHub logout properly (#22463) 
Add profile info update to GitHub login test cases

Closes #22461

Signed-off-by: Tomas Ondrusko <tondrusk@redhat.com>
 2023-08-28 10:06:12 +02:00
Michal Hajas
94089bd492 Clean LDAP between test method executions 
Closes #22602

Signed-off-by: Michal Hajas <mhajas@redhat.com>
 2023-08-23 04:15:32 -03:00
Martin Bartoš
fcf65389ea
Remove Oracle Database JDBC driver from the Keycloak distribution (#22577) 
* Remove Oracle Database JDBC driver from the Keycloak distribution

Closes #22452

* Remove profile for proprietary Oracle JDBC driver

---------

Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
 2023-08-21 15:13:49 +00:00
t0xicCode
822c13ff6f Switch Trusted Host policy redirect verification to URI 
Switch parsing of the redirect URIs for the Trusted Host Client Registration Policy from URL to URI.
The java URL class tries to instantiate a handler for the scheme, which fails when a "custom" scheme, such as those used in phone apps is used.
In contrast, the URI class simply parses the string, ensuring the format is valid.
The other URLs (baseUrl, rootUrl, adminUrl) are still parsed as URLs.
See https://openid.net/specs/openid-connect-registration-1_0.html#ClientMetadata for the Client Registration parameter documentation.

Closes #22309
 2023-08-14 10:20:23 +02:00
Pedro Igor
baac060eb1 Fixing how e-mail attribute permissions are set for both USER_API and ACCOUNT contexts 
Closes #21751
 2023-08-11 13:32:16 +02:00
Erik Jan de Wit
874d2063b8
only add realm access to the current realm (#21554) 
fixes: #21553
 2023-08-10 12:43:15 +02:00
wojnarfilip
6c070d587f Closes #22282 2023-08-10 12:05:20 +02:00
Todor Staykovski
dffa7a31cb
Add subgroups sorting (#22295) 
* Review comments to add a test, update the API description and adjust the map storage.

Closes #19348

Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
 2023-08-07 21:18:09 +02:00
Takashi Norimatsu
258711ef4f DPoP verification in UserInfo endpoint 
closes #22215
 2023-08-07 10:49:33 +02:00
Takashi Norimatsu
9d0960d405 Using DPoP token type in the access-token and as token_type in introspection response 
closes #21919
 2023-08-07 10:40:18 +02:00
Alex Szczuczko
92bec0214f Add -DdeployTestsuite profile to testsuite 
Closes #22258
 2023-08-04 20:54:59 +02:00
Marek Posolda
4dc929abb3
Missing client_id validation match when authenticating client with JW… (#22178) 
Closes #22177
 2023-08-03 11:47:55 +02:00
Takashi Norimatsu
ee998fee66 Add FAPI 2.0 security profile as default profile of client policies 
closes #21181
 2023-08-03 09:26:16 +02:00
Ricardo Martin
a8bca522c1
Fix issue with access tokens claims not being imported using OIDC IDP Attribute Mappers (#21627) 
Closes #9004


Co-authored-by: Armel Soro <armel@rm3l.org>
 2023-08-02 09:36:50 +02:00
Thomas Darimont
82269f789a Avoid using deprecated junit APIs in tests 
- Replaced usage of Assert.assertThat with static import
- Replaced static import org.junit.Assert.assertThat with org.hamcrest.MatcherAssert.assertThat

Fixes: #22111
 2023-08-01 11:44:25 +02:00
mposolda
6f6b5e8e84 Fix authenticatorConfig for javascript providers 
Closes #20005
 2023-07-31 19:28:25 +02:00
Vlasta Ramik
29b67fc8df
Inconsistent Wildcard handling for JPA (#21671) 
* Inconsistent Wildcard handling for JPA

Closes #20610

Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
 2023-07-27 17:03:22 +02:00
rmartinc
0a7fcf43fd Initial pagination in the admin REST API for identity providers 
Closes https://github.com/keycloak/keycloak/issues/21073
 2023-07-27 14:48:02 +02:00
Martin Bartoš
4b36da03db Profile activation for WF app server doesn't properly work for Windows 
Fixes #21284
 2023-07-27 12:09:00 +02:00
Takashi Norimatsu
9a921441cc Adjustements to the behaviour of dpop_bound_access_tokens switch 
closes #21920
 2023-07-27 11:30:01 +02:00
Takashi Norimatsu
6498b5baf3 DPoP: OIDC client registration support 
closes #21918
 2023-07-26 13:00:35 +02:00
Ricardo Martin
ee35cfe478
Add logout other sessions checkbox to TOTP, webauthn and recovery authn codes setup pages (#21897) 
* Add logout other sessions checkbox to TOTP, webauthn, recovery authn codes setup pages and to update-email page
Closes #10232
 2023-07-26 11:34:19 +02:00
Marek Posolda
bb8ba1af5a
Fix script tests on windows (#21942) 
Closes #21778 #21779 #21780
 2023-07-25 12:37:21 +00:00
Takashi Norimatsu
0ddef5dda8
DPoP support 1st phase (#21202) 
closes #21200


Co-authored-by: Dmitry Telegin <dmitryt@backbase.com>
Co-authored-by: mposolda <mposolda@gmail.com>
 2023-07-24 16:44:24 +02:00
Takashi Norimatsu
05b8b9ee51 Enhancing Pluggable Features of Token Manager 
closes #21182
 2023-07-24 09:16:29 +02:00
Takashi Norimatsu
2efd79f982 FAPI 2.0 security profile - supporting RFC 9207 OAuth 2.0 Authorization Server Issuer Identification 
Closes #20584
 2023-07-24 09:11:30 +02:00
Martin Kanis
6907134f17 Removing workaround for state transfer never completes 
Closes #21256
 2023-07-21 18:21:00 +02:00
rmartinc
7336ff07ac Check RDN attribute for DN membership 
Closes https://github.com/keycloak/keycloak/issues/20718
 2023-07-21 11:13:45 +02:00
todor
897965f604 KEYCLOAK-20343 Add message bundle to export/import 
Closes #20343
 2023-07-20 23:00:28 +02:00
Alexander Schwartz
7c9593f88a
Upgrade Infinispan to 14.0.13.Final (#21565) 
Closes #21564
 2023-07-20 16:59:19 +00:00
Václav Muzikář
776bcbcbd4
Update bcpkix and bcprov dependencies (#21543) 
Closes #21360
 2023-07-20 11:57:18 +02:00
vramik
13d412989c Disable ZeroDowntimeTest 
Closes #21823
 2023-07-19 20:35:08 +02:00
Lukas Hanusovsky
086b85fad4
[20455] Arquillian reflection bug -> using different setter to avoid overloading. (#21806) 2023-07-19 14:43:36 +02:00
rmartinc
ed1934d73a Ensure that the flow tested to be deleted is a built in flow 
Closes https://github.com/keycloak/keycloak/issues/20763
 2023-07-19 08:56:32 +02:00
Pedro Igor
d2cdd78655
Add Java Distribution IT for Windows (#21675) 
Co-authored-by: Miquel Simon <msimonma@redhat.com>
 2023-07-18 12:15:56 +02:00
mposolda
03716ed452 Keycloak forgets ui_locales parameter when using reset password 
closes #10981
 2023-07-18 09:24:12 +02:00
Martin Kanis
67b20dfd9b Introduce delay in SessionTimeoutsTest to allow xsite replication to finish 
Fixes #20983
 2023-07-17 15:46:33 +02:00
rmartinc
630e3b2312 Revert emailVerified to false if email modified on force-sync non-trusted broker 
Closes https://github.com/keycloak/security/issues/48
 2023-07-17 13:13:47 +02:00
Michal Hajas
07c27336aa Check whether realm has store enabled for immediately sent events 
Closes #21698

Signed-off-by: Michal Hajas <mhajas@redhat.com>
 2023-07-14 20:50:33 +02:00