Commit graph

15309 commits

Author SHA1 Message Date
lpa
3cd413dee1 SOAP backchannel logout for SAML protocol
Closes #16293
2023-02-27 14:24:12 +01:00
rmartinc
38a46726e4 Implement UserInfoTokenMapper in HardcodedRole and RoleNameMapper mappers
Closes https://github.com/keycloak/keycloak/issues/15624
2023-02-27 10:14:48 -03:00
Alexander Schwartz
8abe984844
Change the list features to the format of a description list (#17237)
CIAM-5050
2023-02-27 08:36:29 +01:00
Miquel Simon
923a321a55
Run WebAuthn IT with Chrome. (#17256) 2023-02-23 20:58:13 +00:00
Carsten Hoffmann
bd36b21969 Upgrade WildFly Elytron to 1.20.3 to fix multiple CVEs
Closes #16652
Closes #16779
Closes #17094
Closes #17095
2023-02-23 13:14:46 -03:00
Thomas Darimont
16efddc908
Fix NPE in MigrateTo21_0_0 when admin theme is not set explicitly (#17249)
Only update admin-console theme to keycloak.v2 if it is explicitly set to "keycloak" or "rh-sso".

Fixes #17248

Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>
Co-authored-by: Stian Thorgersen <stian@redhat.com>
2023-02-23 15:37:59 +00:00
rmartinc
c9fdaf572b
jwks endpoint for X/Y coordinates in EC keypair can return less bytes than expected (#14952)
Closes #14933
2023-02-23 16:22:23 +01:00
mposolda
f180115d27 Log some details if error happens in CIBA authentication request
Closes #14650
2023-02-23 14:36:28 +01:00
Václav Muzikář
557a22968c
Stabilize Account Console UI tests (#17243)
Closes #17178
Closes #17102
Closes #17070
Closes #17045
Closes #17044
Closes #16875
Closes #16870
Closes #16715
Closes #16670
Closes #16646
Closes #16627
Closes #16620
2023-02-23 12:35:08 +01:00
Andre Nascimento
aa422484e2 Improvements on Operator Integration Tests to make sure that Config set in CR takes precedence.
Closes #13114
2023-02-23 08:51:40 +01:00
Yohan Siguret
82423f38a1 Add user id to TOKEN_EXCHANGE events
Co-authored-by: thaDude <ogdude@googlemail.com>
2023-02-22 17:13:48 -03:00
Pedro Igor
2b98fcdecb Support for standard Forwarded header
Closes #11580
2023-02-22 19:28:04 +01:00
Hynek Mlnarik
7d136c5cca Generate map-like collection accessors
Along the way fixes also problem with field delegates which
applied manually-crafted methods like `MapUserEntity.removeCredential(id)`
to the delegate itself rather than to the underlying object.

Co-authored-By: Michal Hajas <mhajas@redhat.com>

Closes: #17223
2023-02-22 17:26:31 +01:00
Hynek Mlnarik
878debd2ab Forbid changing ID
Closes: #16881
2023-02-22 17:19:22 +01:00
Marek Posolda
b9ab942ef8
FIPS related docs (#17196)
* FIPS related docs
Closes #16444 #12432 #12429

Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
2023-02-22 12:47:15 +01:00
rmartinc
f91ac2970d
Polish fips-mode switch for preview (#17228)
* Polish fips-mode switch for preview
Closes #17208 #17210 


Co-authored-by: mposolda <mposolda@gmail.com>
2023-02-22 12:12:52 +01:00
Stian Thorgersen
9df7ef4331
Switch to JDK 17 as default JDK on GitHub Actions (#16014)
Co-authored-by: Marek Posolda <mposolda@gmail.com>
2023-02-22 07:20:14 +01:00
mposolda
5ac8f7c1ef Link 'Sign out' incorrectly hardcoded to localhost in the authz example applications
closes #17216
2023-02-21 15:49:20 +01:00
Alexander Schwartz
9ebbf9ceef
Avoid nested table for downstream docs (#17145)
* Avoid nested table for downstream docs

CIAM-5051

* WIP

* Next iteration: making the options and their values monospaced. Merge the default column into the values column

---------

Co-authored-by: Stian Thorgersen <stianst@gmail.com>
2023-02-21 13:44:39 +00:00
Fouad Almalki
1ed46ac56b
Add Arabic locale to messages (#17090)
Co-authored-by: Mouhand Kaddo <mohand90098@gmail.com>
2023-02-21 12:45:47 +01:00
Alexander Schwartz
54048f1e6c Callers need to indicate if cookies need to be set at the end of the transaction
Closes #17141
2023-02-21 11:54:32 +01:00
Ivon Göttgens
ac04ef634c
Added missing Dutch translations for login and account (v2) (#17143)
* Added missing Dutch translations for login and account

* Apply suggestions from code review

Resolved review suggestions

Co-authored-by: Jon Koops <jonkoops@gmail.com>

---------

Co-authored-by: Ivon Göttgens <i.gottgens@innovadis.com>
Co-authored-by: Jon Koops <jonkoops@gmail.com>
2023-02-21 11:45:26 +01:00
andymunro
b8e01596f6
Apply to Keycloak documentation style to the Getting Started guides (#17173)
Closes #17133
2023-02-20 13:58:57 +01:00
Douglas Palmer
1d75000a0e Create an SPI for DeviceActivityManager
closes #17134
2023-02-20 09:29:11 +01:00
Erik Jan de Wit
9c431f3b90
introduced combined sessions table needed (offline and regular) (#17023) 2023-02-20 08:59:38 +01:00
Erik Jan de Wit
d0828148a2
removed invalid search (#16913)
fixes: https://github.com/keycloak/keycloak-ui/issues/4320
2023-02-20 08:59:26 +01:00
vramik
055b7c3b16 Remove deprecated methods from login-failure area from user-session interface
Closes #15053
2023-02-17 13:03:02 +01:00
Hynek Mlnarik
e30e1eca68 Ensure that concatenated Stream is closed once read
Fixes: #15781
2023-02-17 13:00:32 +01:00
Michal Hajas
1c79a5666d Deprecate RoleModel.SearchableFields.IS_CLIENT_ROLE field
Closes #17144
2023-02-16 20:50:46 +01:00
Zakaria Amine
0972edd6a5
Fix label for IdpReviewProfileAuthenticatorFactory (take 2) (#17062)
Use static english text for IdpReviewProfileAuthenticatorFactory label config
Closes #16658
2023-02-16 19:16:00 +01:00
drohwer89
4ff180da64
Terminating all sessions above the session limit (#16068)
Adjusts implementation of UserSessionLimitsAuthenticator to terminate all sessions above the session limit.

Closes #14689

Co-authored-by: Marek Posolda <mposolda@gmail.com>
2023-02-16 17:56:59 +01:00
rmartinc
9995a3cdd4 lastSync value into COMPONENT_CONFIG is always updated
Closes https://github.com/keycloak/keycloak/issues/17022
2023-02-16 17:48:49 +01:00
Andre Nascimento
cb78ea06b0 Make sure the customized Ingress resource isn't deleted when the Keycloak deployed by Operator is killed.
Closes #14433
2023-02-16 17:31:31 +01:00
summersab
a64f6dcfc2 Update TotpBean.java
Add a `getUsername()` method to the `TotpBean` class so usernames can be used in the TOTP templates.
2023-02-16 08:13:39 -03:00
mposolda
4f068fcdcc Make https-trust-store-type set to bcfks by default in strict-mode
Closes #17119
2023-02-16 08:00:21 -03:00
Alexander Schwartz
e76418e3de Removing unused code, as JPA Map storage always uses JTA nowadays
Closes #13222
2023-02-16 11:08:37 +01:00
Alexander Schwartz
febe134d5b Make the event listeners specific to the persistence unit
Closes #13219
2023-02-16 11:08:15 +01:00
Pedro Igor
3be2775f9e Do not enable storage chm by default if db option is set 2023-02-16 08:30:45 +01:00
Václav Muzikář
2089878740 Update Operator container to UBI 9 / RHEL 9
Closes #17068
2023-02-15 16:26:29 -03:00
rmartinc
3f8c4e24e2 Change container image in FIPS tests to ubi9
Closes https://github.com/keycloak/keycloak/issues/12422
2023-02-15 20:23:59 +01:00
Jon Koops
9432bd601f
Bump NPM versions in set-version.sh (#17128) 2023-02-15 16:31:48 +01:00
sui.jieqiang
1f6fa0501c Fix search user groups without limit
Closes #12649
2023-02-15 15:50:46 +01:00
rmartinc
fbc9177f27 Doublecheck if we need to override properties in java.security
Closes https://github.com/keycloak/keycloak/issues/16702
2023-02-15 12:33:48 +01:00
Hynek Mlnarik
d768e75be7 Fix clientRole warning
Fixes: #16857
2023-02-15 10:59:52 +01:00
vramik
7b604d6784 Sync properties in map-storage-jpa-cocroach with other profiles
Closes #17107
2023-02-15 10:49:22 +01:00
Michal Hajas
1f929c78af Make lockTimeout more friendly for JPA map storage
Closes #16616
2023-02-15 10:38:18 +01:00
Hynek Mlnarik
bb0eb899a7 Add ability to run arq testsuite with file store
Fixes: #17032
2023-02-15 10:17:23 +01:00
Stian Thorgersen
6cbe424916
Move some areas to core team in teams.yml (#17087) 2023-02-14 17:24:49 +01:00
Hynek Mlnarik
2665fb01a6 File storage: Fix path traversal
Fixes: #17029
2023-02-14 14:30:14 +01:00
Stian Thorgersen
2711606a70
Rename teams (#17082) 2023-02-14 14:12:09 +01:00