Commit graph

76 commits

Author SHA1 Message Date
Stefan Guilhen
fa7c2b5da6 Address review comments
Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
2024-08-19 09:06:35 -03:00
Stefan Guilhen
f82159cf65 Rework logic to fetch IDPs for the login page so that IDPs are fetched from the provider and not filtered in code.
Closes #32090

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
2024-08-19 09:06:35 -03:00
Václav Muzikář
cb418b0bfc
Upgrade to Quarkus 3.13.2 (#31678)
* Upgrade to Quarkus 3.13.2

Closes #31676

Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>
Co-authored-by: Peter Zaoral <pzaoral@redhat.com>
Co-authored-by: Martin Bartoš <mabartos@redhat.com>
2024-08-16 11:41:34 +02:00
Michal Hajas
36ad5fb3bd
Remove information about online_user_session table
Closes #32178

Signed-off-by: Michal Hajas <mhajas@redhat.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>
2024-08-16 09:23:14 +02:00
Steven Hawkins
ea3937f37c
fix: always replacing placeholders (#31871)
closes: #31625

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
2024-08-12 16:20:47 +00:00
Pedro Igor
3ab2446074 Do not return identity providers when querying the realm representation
Closes #21072

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2024-08-07 10:06:51 -03:00
rmartinc
acbbfde4ab Adding upgrading notes for brute force changes
Closes #31960

Signed-off-by: rmartinc <rmartinc@redhat.com>
2024-08-07 14:38:30 +02:00
Ryan Emerson
db14ab1365
Refactor HA guide to refer to generic multi-site deployments
Old Active/Passive guides replaced with Active/Active architecture, but
A/P vs A/A distinction hidden from users in favour of generic multi-site
docs.

Closes #31029

Signed-off-by: Ryan Emerson <remerson@redhat.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
2024-08-07 08:22:59 +00:00
rmartinc
942d5d0aa3 Convert chapter planning for securing applications and services to guides
Final removal of the securing_apps documentation
Final checks for links, order and other minor things
Closes #31328

Signed-off-by: rmartinc <rmartinc@redhat.com>
2024-08-01 16:45:56 +02:00
Peter Zaoral
07cfdac862
Document admin bootstrapping and recovery
Closes: #30011

Signed-off-by: Peter Zaoral <pzaoral@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Václav Muzikář <vaclav@muzikari.cz>
2024-07-30 15:45:56 +02:00
Marek Posolda
5b52117351
Documentation for Delete Credential action and related changes (#31719)
closes #31718


Signed-off-by: mposolda <mposolda@gmail.com>
Signed-off-by: Marek Posolda <mposolda@gmail.com>
Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
2024-07-30 10:05:14 +02:00
Alexander Schwartz
227c71f7f0
Persisting revoked access tokens
Closes #31296

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-07-26 11:46:14 +02:00
Thomas Darimont
dbd4079f92
Allow users to customize the footer of a login theme (#31391)
Closes  #31390

Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>
2024-07-23 09:29:38 +02:00
Steven Hawkins
4970a9b729
fix: deprecate KEYCLOAK_ADMIN and KEYCLOAK_ADMIN_PASSWORD
closes: #30658

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
Signed-off-by: Steven Hawkins <shawkins@redhat.com>
Co-authored-by: Jon Koops <jonkoops@gmail.com>
2024-07-11 18:07:57 +02:00
rmartinc
e80c3fee9b Change link to https://github.com/eclipse/microprofile/wiki/JWT_Auth
Closes #31219

Signed-off-by: rmartinc <rmartinc@redhat.com>
2024-07-11 18:03:57 +02:00
Steve Hawkins
9247029ca3 fix: removes the operator's usage of the v1 proxy option
closes: #30945

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
2024-07-11 14:21:50 +02:00
rmartinc
ce195b81f8 Improve consent deletion when a realm is removed
Closes #30992

Signed-off-by: rmartinc <rmartinc@redhat.com>
2024-07-10 09:44:42 +02:00
Pedro Igor
1a8075d62a Update migration and upgrade guides about GroupRemovedEvent no longer fired when removing a realm
Closes #30919

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2024-07-05 10:14:30 +02:00
Pedro Igor
b745ac8259 Documenting LDAP connection pooling
Closes #30995

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2024-07-04 13:21:47 +02:00
Steven Hawkins
a7ae90cbb6
fix: adds affinity and other scheduling to the operator (#29977)
closes: #29258

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
2024-07-03 20:07:03 +02:00
Thomas Darimont
f34bb21af6
Fix deprecations in common module
- Use charset in `Encode` class
- Replace reflective call to protected `Liquibase#resetServices()` with call to exposed public method on a custom subclass `KeycloakLiquibase`
- Remove usage of deprecated AccessController class in Reflections
- Deprecated SetAccessibleProvilegedAction and UnsetAccessibleProvilegedAction

Fixes #22209

Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
2024-07-02 16:02:35 +00:00
Peter Zaoral
add45a25a8
Add default CPU limit/request for the operator (#30601)
Closes: #27432

Signed-off-by: Peter Zaoral <pzaoral@redhat.com>
2024-07-01 15:12:43 +02:00
Jon Koops
77fb3c4dd4
Use correct host URL for Admin Console requests (#30535)
Closes #30432

Signed-off-by: Jon Koops <jonkoops@gmail.com>
2024-06-19 15:21:53 +02:00
Pedro Ruivo
5c0dddd837 Batch cluster events
Sending multiple events in a single network request should minimize
latency and traffic.

Closes #30445

Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
2024-06-14 21:14:22 +02:00
Pedro Ruivo
18a6c79011
Infinispan Protostream Marshaller (#29474)
Closes #29394

Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
2024-06-13 18:02:46 +02:00
daviddelannoy
d4fc5249c4
fix label error for persistent-user-sessions feature flag in documentation
Closes #30368

Signed-off-by: daviddelannoy <16318239+daviddelannoy@users.noreply.github.com>
2024-06-12 09:32:10 +00:00
Giuseppe Graziano
6067f93984
Improvements to refresh token rotation with multiple tabs (#29966)
Closes #14122

Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>
2024-06-07 12:02:36 +02:00
Steven Hawkins
5059a02eb2
fix: minor refinements to collection utils (#29536)
closes: #29535

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
2024-06-06 10:07:34 -04:00
Erik Jan de Wit
5897334ddb
Align environment variables between consoles (#30125)
* change to make authServerUrl the same as authUrl

fixes: #29641
Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* Remove `authUrl` entirely

Signed-off-by: Jon Koops <jonkoops@gmail.com>

* Remove file that is unrelated

Signed-off-by: Jon Koops <jonkoops@gmail.com>

* Split out and align environment variables between consoles

Signed-off-by: Jon Koops <jonkoops@gmail.com>

* Restore removed variables to preserve backwards compatibility

Signed-off-by: Jon Koops <jonkoops@gmail.com>

* Also deprecate the `authUrl` for the Admin Console

Signed-off-by: Jon Koops <jonkoops@gmail.com>

---------

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
Signed-off-by: Jon Koops <jonkoops@gmail.com>
Co-authored-by: Jon Koops <jonkoops@gmail.com>
2024-06-06 08:36:46 +02:00
Peter Zaoral
cd2451d58b
Remove Oracle JDBC driver out of the box (#29895)
Closes: #29491

Co-authored-by: Václav Muzikář <vaclav@muzikari.cz>
Co-authored-by: Martin Bartoš <mabartos@redhat.com>
Signed-off-by: Peter Zaoral <pzaoral@redhat.com>
2024-05-31 17:21:19 +00:00
Alexander Schwartz
af23150343 Fixing typo in the upgrading guide for persistent sessions
Closes #30028

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-05-31 13:18:34 +02:00
mposolda
37c10b4d43 Improve documentation for the case when 'basic' client scope already exists
closes #29880

Signed-off-by: mposolda <mposolda@gmail.com>
2024-05-29 13:32:05 +02:00
Michal Hajas
61d0d56720
Document it is not possible to use rolling configuration upgrade for enabling persistent sessions
Closes #29561

Signed-off-by: Michal Hajas <mhajas@redhat.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
2024-05-29 10:19:20 +02:00
Ryan Emerson
0f17f0abc5
Require external Infinispan be of version 15 or greater
Signed-off-by: Ryan Emerson <remerson@redhat.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
2024-05-22 11:26:26 +00:00
Alexander Schwartz
80de3a0a71
Allow migration of non-persistent sessions to persistent sessions
Closes #29375

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-05-22 10:30:46 +02:00
rmartinc
f7044ba5c2 Use SessionExpirationUtils for validate user and client sessions
Check client session is valid in TokenManager
Closes #24936

Signed-off-by: rmartinc <rmartinc@redhat.com>
2024-05-22 10:12:20 +02:00
vramik
35df0140ee Add a note to the migration guide about index name length for Oracle database
Closes #29594

Signed-off-by: vramik <vramik@redhat.com>
2024-05-16 10:06:39 -03:00
Kamesh Akella
1d613d9037
Argon2 release notes and sizing guide update
Closes #29033

Signed-off-by: Kamesh Akella <kamesh.asp@gmail.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>
Co-authored-by: Václav Muzikář <vaclav@muzikari.cz>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
2024-05-14 17:40:51 +02:00
mposolda
d8a7773947 Adding dummyHash to DirectGrant request in case user does not exists. Fix dummyHash for normal login requests
closes #12298

Signed-off-by: mposolda <mposolda@gmail.com>
2024-05-13 16:33:29 +02:00
Pedro Igor
d2c5fc86a9 Additional note on release and upgrade guides about partial update on user attributes
Closes #28220

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2024-05-07 09:59:38 -03:00
Dimitri Papadopoulos Orfanos
9db1443367
Fix typos found by codespell in docs (#28890)
Run `chmod -x` on files that need not be executable.

Signed-off-by: Dimitri Papadopoulos <3234522+DimitriPapadopoulos@users.noreply.github.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
2024-05-03 12:41:16 +00:00
Steven Hawkins
4697cc956b
further refinement of context handling (#28182)
* fully removing providers and moving the keycloaksession creation / final
cleanup

also deprecated Resteasy utility methods

closes: #29223

Signed-off-by: Steve Hawkins <shawkins@redhat.com>

Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>
2024-05-02 11:21:01 -04:00
Mark Banierink
ad32896725
replaced and removed deprecated token methods (#27715)
closes #19671 

Signed-off-by: Mark Banierink <mark.banierink@nedap.com>


Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>
2024-04-23 09:23:37 +02:00
Stefan Guilhen
8ca4bc77a1 Improve the performance of the queries used to find granted resources
- simplifies the queries to avoid unnecessary join
- creates two new indexes to speed up search time

Closes #28861

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
2024-04-22 11:26:06 -03:00
Pedro Ruivo
3e0a185070 Remove deprecated EnvironmentDependentProviderFactory.isSupported method
Closes #26280

Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
2024-04-19 16:36:49 +02:00
Ricardo Martin
fc6b6f0d94
Perform exact string match if redirect URI contains userinfo, encoded slashes or parent access (#131) (#28872)
Closes keycloak/keycloak-private#113
Closes keycloak/keycloak-private#134

Signed-off-by: rmartinc <rmartinc@redhat.com>
Co-authored-by: Stian Thorgersen <stianst@gmail.com>
2024-04-18 16:02:24 +02:00
Martin Bartoš
7f74286106 Emphasize the need for setting container limit
Closes #28729

Signed-off-by: Martin Bartoš <mabartos@redhat.com>
2024-04-18 15:44:27 +02:00
rmartinc
ddacfbdefd Remove deprecated LinkedIn social provider
Closes #23127

Signed-off-by: rmartinc <rmartinc@redhat.com>
2024-04-18 10:10:58 +02:00
Martin Bartoš
1fb83bb165
Release notes and Migration guide for Hostname v2 (#28621)
Closes #27730

Signed-off-by: Martin Bartoš <mabartos@redhat.com>
Co-authored-by: Václav Muzikář <vmuzikar@redhat.com>
Co-authored-by: Peter Zaoral <pzaoral@redhat.com>
2024-04-17 09:29:59 +02:00
Steven Hawkins
58398d1f69
fix: replaces aesh with picocli (#28276)
* fix: replaces aesh with picocli

closes: #28275

Signed-off-by: Steve Hawkins <shawkins@redhat.com>

* fix: replaces aesh with picocli

closes: #28275

Signed-off-by: Steve Hawkins <shawkins@redhat.com>

---------

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
2024-04-15 13:04:58 +00:00