keycloak-scim

Author	SHA1	Message	Date
Stefan Guilhen	fa7c2b5da6	Address review comments Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>	2024-08-19 09:06:35 -03:00
Stefan Guilhen	f82159cf65	Rework logic to fetch IDPs for the login page so that IDPs are fetched from the provider and not filtered in code. Closes #32090 Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>	2024-08-19 09:06:35 -03:00
Pedro Igor	8e0436715c	Support for ALL and ANY organization scope values Related #31438 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-08-19 08:45:23 -03:00
mposolda	3d787727f9	Add acr scope to all clients for those migrating from older than Keycloak 18 closes #31107 Signed-off-by: mposolda <mposolda@gmail.com>	2024-08-16 12:17:43 +02:00
Václav Muzikář	cb418b0bfc	Upgrade to Quarkus 3.13.2 (#31678 ) * Upgrade to Quarkus 3.13.2 Closes #31676 Signed-off-by: Václav Muzikář <vmuzikar@redhat.com> Co-authored-by: Peter Zaoral <pzaoral@redhat.com> Co-authored-by: Martin Bartoš <mabartos@redhat.com>	2024-08-16 11:41:34 +02:00
himanshi1099	7459992e40	Realm update validation for incorrect timeout values (#32137 ) closes #31595 Signed-off-by: Himanshi Gupta <higupta@redhat.com>	2024-08-16 08:58:27 +02:00
Alexander Schwartz	80d235fffb	Handle non-existing client gracefully (#32151 ) Closes #32150 Signed-off-by: Alexander Schwartz <aschwart@redhat.com>	2024-08-15 16:08:40 +02:00
Stefan Guilhen	aeb1951aba	Replace calls to deprecated RealmModel IDP methods - use the new provider instead Closes #31254 Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>	2024-08-15 10:55:36 -03:00
Pedro Igor	96acc62c00	Support for resolving organization based on the organization scope Closes #31438 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-08-15 10:32:15 -03:00
Stian Thorgersen	310824cc2b	Remove legacy cookies Closes #16770 Signed-off-by: stianst <stianst@gmail.com> Signed-off-by: Jon Koops <jonkoops@gmail.com> Co-authored-by: Jon Koops <jonkoops@gmail.com>	2024-08-15 15:27:38 +02:00
Martin Kanis	708a6898db	Add a count method to the OrganizationMembersResource Closes #31388 Signed-off-by: Martin Kanis <mkanis@redhat.com>	2024-08-15 09:12:57 -03:00
Yoshiyuki Tabata	cb6eb187ac	Client Policy - Condition : Client - Client Attribute Closes https://github.com/keycloak/keycloak/issues/31766 Signed-off-by: Yoshiyuki Tabata <yoshiyuki.tabata.jy@hitachi.com>	2024-08-14 09:56:56 +02:00
kaustubh-rh	cf8905efe8	Fix for Client secret is visable in Admin event representation when Credentials Reset action performed for the Client. (#32067 ) * Stripping secrets for the credential representation Signed-off-by: kaustubh B <kbawanka@redhat.com>	2024-08-12 13:47:41 -03:00
Steven Hawkins	b72ddbcc45	fix: add a warning log if a deprecated admin env variable is used (#32038 ) closes: #31491 Signed-off-by: Steve Hawkins <shawkins@redhat.com>	2024-08-12 08:54:30 +02:00
rmartinc	347f595913	Add ECDH-ES encyption algorithms to the java keystore key provider Closes #32023 Signed-off-by: rmartinc <rmartinc@redhat.com>	2024-08-09 15:57:51 +02:00
Martin Kanis	da0864682a	Conditionally redirect existing users to a broker based on their credentials Closes #31006 Signed-off-by: Martin Kanis <mkanis@redhat.com>	2024-08-09 07:59:25 -03:00
rmartinc	2a06e1a6db	Add SHAKE256 hash provider for Ed448 Closes #31931 Signed-off-by: rmartinc <rmartinc@redhat.com>	2024-08-08 17:36:54 +02:00
Justin Tay	966a454548	Add ECDH-ES JWE Algorithm Provider, Add generated ECDH key provider (#23928 ) Closes #23596 Closes #23597 Signed-off-by: Justin Tay <49700559+justin-tay@users.noreply.github.com>	2024-08-08 17:29:35 +02:00
Steven Hawkins	7ce6f12fe3	fix: adds a check for duplicate users/clients to simplify cmd errors (#31583 ) also changes temp-admin-service to temp-admin closes: #31160 Signed-off-by: Steve Hawkins <shawkins@redhat.com>	2024-08-08 08:20:33 -04:00
Pedro Igor	3ab2446074	Do not return identity providers when querying the realm representation Closes #21072 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-08-07 10:06:51 -03:00
rmartinc	acbbfde4ab	Adding upgrading notes for brute force changes Closes #31960 Signed-off-by: rmartinc <rmartinc@redhat.com>	2024-08-07 14:38:30 +02:00
Pascal Knüppel	f3341390f4	Issuer id must be a URL according to specification (#30961 ) fixes #30960 Signed-off-by: Pascal Knüppel <pascal.knueppel@governikus.de> Signed-off-by: Captain-P-Goldfish <captain.p.goldfish@gmx.de>	2024-08-07 14:35:58 +02:00
Giuseppe Graziano	35c8c09b8d	OIDC dynamic client registration with response_type=none Closes #19564 Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>	2024-08-07 10:34:47 +02:00
rmartinc	8a09905e5c	Remove the attempt in brute force when the off-thread finishes Closes #31881 Signed-off-by: rmartinc <rmartinc@redhat.com>	2024-08-06 15:30:49 -03:00
Michal Hajas	50c07c6e7c	Simplify configuration for MULTI_SITE Closes #31807 Signed-off-by: Michal Hajas <mhajas@redhat.com>	2024-08-06 16:14:33 +00:00
Stefan Wiedemann	6258256c1b	Fix access token issue OID4VC (#31763 ) closes #31712 Signed-off-by: Stefan Wiedemann <wistefan@googlemail.com>	2024-08-04 11:42:40 +02:00
Ingrid Kamga	7c69c857a1	Add a media type to error responses on OID4VC endpoints Closes #31585 Signed-off-by: Ingrid Kamga <Ingrid.Kamga@adorsys.com>	2024-08-02 12:09:09 +02:00
Justin Tay	f537343545	Allow empty key use in JWKS from identity provider Closes #31823 Signed-off-by: Justin Tay <49700559+justin-tay@users.noreply.github.com>	2024-08-02 11:39:43 +02:00
rmartinc	773e309f75	Parse saml urls correctly if the bindings are different Closes #31780 Signed-off-by: rmartinc <rmartinc@redhat.com>	2024-08-02 11:34:06 +02:00
Thomas Darimont	282260dc95	Ensure issued_client_type is always added to successful token-exchange response (#31548 ) - Compute issued_token_type response parameter based on requested_token_type and client configuration - `issued_token_type` is a required response parameter as per [RFC8693 2.2.1](https://datatracker.ietf.org/doc/html/rfc8693#section-2.2.1) - Added test to ClientTokenExchangeTest that requests an access-token as requested-token-type Fixes #31548 Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>	2024-07-30 18:33:51 +02:00
Alexander Schwartz	11b19bc272	For persistent sessions, don't remove user session if there is no session in the remote store (#31756 ) Closes #31115 Signed-off-by: Alexander Schwartz <aschwart@redhat.com>	2024-07-30 17:57:09 +02:00
Pedro Igor	a79761a447	Support for blocking concurrent requests when brute force is enabled Closes #31726 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com> Signed-off-by: Douglas Palmer <dpalmer@redhat.com> Signed-off-by: mposolda <mposolda@gmail.com>	2024-07-30 10:01:48 +02:00
Martin Kanis	d91d6d18d5	Can not update organization group error when trying to create organisation from REST API Closes #31144 Signed-off-by: Martin Kanis <mkanis@redhat.com>	2024-07-29 17:39:56 +02:00
Pascal Knüppel	94784182df	Implement DPoP for all grantTypes (#29967 ) fixes #30179 fixes #30181 Signed-off-by: Pascal Knüppel <captain.p.goldfish@gmx.de> Signed-off-by: Pascal Knüppel <pascal.knueppel@governikus.de>	2024-07-29 16:30:54 +02:00
Stefan Guilhen	f45529de8c	Deprecate IDP related methods in RealmModel - delegate to the new provider Closes #31253 Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>	2024-07-29 16:02:26 +02:00
Stefan Guilhen	c16e88bcee	Make the IDPProvider via session.identityProviders() Closes #31252 Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>	2024-07-29 16:02:26 +02:00
Alexander Schwartz	6d404b86c9	Trigger clearing the user cache when the duplicate email allowed flag changes Closes #31045 Signed-off-by: Alexander Schwartz <aschwart@redhat.com>	2024-07-29 10:37:42 +02:00
Francis Pouatcha	cc78fd7ca0	Provided keycloak with a protocol mapper, that can allow to optionally add iat and nbf claims to VCs (#31620 ) closes #31581 Signed-off-by: Francis Pouatcha <francis.pouatcha@adorsys.com>	2024-07-29 09:32:48 +02:00
Pedro Igor	87c279d645	Respect the username value format when processing federated users Closes #31240 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-07-29 09:28:43 +02:00
Pedro Igor	4d8c525644	Make sure changes to user profile metadata is not stored when calling decorators (#31549 ) Closes #30476 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-07-29 09:03:21 +02:00
Pedro Igor	1f8280c71a	Allow members joining multiple organizations Closes #30747 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-07-29 09:02:36 +02:00
Giuseppe Graziano	12732333c8	Client scope assignment for client registration Closes #31062 Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>	2024-07-26 17:33:49 +02:00
Stian Thorgersen	30cd88fefe	Change default bootstrap admin service account client-id (#31649 ) Closes #31648 Signed-off-by: stianst <stianst@gmail.com>	2024-07-26 10:45:26 +00:00
vramik	649b35929e	Make sure users created through a registration link are managed members Closes #30743 Signed-off-by: vramik <vramik@redhat.com>	2024-07-25 04:30:13 -03:00
Maciej Mierzwa	97e89e2071	feature: password age in days policy Closes #30210 Signed-off-by: Maciej Mierzwa <dev.maciej.mierzwa@gmail.com>	2024-07-24 15:12:16 -03:00
Francis Pouatcha	30be268672	Enhance Verifiable Credential Signing Service Flexibility and Key Rotation(#30692 ) closes #30525 Signed-off-by: Francis Pouatcha <francis.pouatcha@adorsys.com>	2024-07-24 13:45:39 +02:00
rmartinc	5db3772d45	Remove TrustedHostClientRegistrationPolicyTest#testGithubDomain Closes #29271 Signed-off-by: rmartinc <rmartinc@redhat.com>	2024-07-23 11:33:38 +02:00
Diego Ramp	ae74d923d2	fix bad debugv({}) in favor of more tolerant debugf(%s) Closes #31368 Signed-off-by: Diego Ramp <diego.ramp@mobi.ch>	2024-07-18 10:34:32 +02:00
mposolda	3110bb8989	Missing Cache-Control header when response_type parameter is missing in login request closes #29866 Signed-off-by: mposolda <mposolda@gmail.com>	2024-07-18 10:17:52 +02:00
Pascal Knüppel	018a0802bc	Remove java.util.Date from VerifiableCredential (#30920 ) closes #30918 Signed-off-by: Pascal Knüppel <pascal.knueppel@governikus.de> Signed-off-by: Captain-P-Goldfish <captain.p.goldfish@gmx.de>	2024-07-18 09:52:02 +02:00

1 2 3 4 5 ...

4730 commits