libre.sh/keycloak-scim
3
0
Fork 0
Code Issues 15 Pull requests Releases Packages Activity Actions
26533 commits 4 branches 5 tags 483 MiB
Commit graph

1253 commits

Author SHA1 Message Date
Ryan Emerson
902abfdae4
JDBC_PING as default discovery protocol 
Closes #29399

- Add ProviderFactory#dependsOn to allow dependencies between
  ProviderFactories to be explicitly defined
- Disable Infinispan default shutdownhook disabled to ensure lifecycle
  is managed exclusively by Keycloak
- Remove Infinispan shutdown hook in KeycloakRecorder and manage
  EmbeddedCacheManager lifecycle only in DefaultInfinispanConnectionProviderFactory#close

Signed-off-by: Ryan Emerson <remerson@redhat.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
 2024-10-22 20:19:19 +00:00
Gilvan Filho
c4005d29f0 add linear strategy to brute force 
closes #25917

Signed-off-by: Gilvan Filho <gilvan.sfilho@gmail.com>
 2024-10-22 10:33:22 -03:00
Kevin Köllmann
23a6822715
Don't fail on drop index IDX_US_SESS_ID_ON_CL_SESS 
Closes #33780

Signed-off-by: Kevin Köllmann <kevin@kllmnn.de>
Signed-off-by: Alexander Schwartz <alexander.schwartz@gmx.net>
Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>
 2024-10-10 15:37:40 +00:00
vramik
b7eaa9b0cb Wildcard search not working for custom user attributes 
Closes #32451

Signed-off-by: vramik <vramik@redhat.com>
 2024-10-03 08:48:36 -03:00
vramik
c1653448f3 [Organizations] Allow orgs to define the redirect URL after user registers or accepts invitation link 
Closes #33201

Signed-off-by: vramik <vramik@redhat.com>
 2024-10-02 07:37:48 -03:00
Alexander Schwartz
5bb23eb0fc
Optimize update of user attributes (#32907) 
Closes #32906
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2024-09-25 16:39:42 +02:00
Stefan Guilhen
6424708695 Ensure organization id is preserved on export/import 
- Also fixes issues with description, enabled, and custom attributes missing when re-importing the orgs.

Closes #33207

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
 2024-09-25 16:07:44 +02:00
Stefan Guilhen
900c496ffe
Remove the kc.org.broker.public attribute and use hideOnLogin in the IDP instead 
Closes #32209

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
Co-authored-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
 2024-09-20 16:08:55 +02:00
Michal Hajas
d065be362a
Fix flaky UserSessionPersisterProviderTest 
Closes #32892

Signed-off-by: Michal Hajas <mhajas@redhat.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
 2024-09-20 13:24:34 +02:00
vramik
fcb31a5aa6 Implement invitation-only self-registration for realm users 
Closes #31643

Signed-off-by: vramik <vramik@redhat.com>
 2024-09-18 13:50:23 +02:00
Alexander Schwartz
2a95d0abfa
Sort order of updates for user properties (#32853) 
This should reduce deadlocks on the user property table if the users are updated concurrently.

Closes #32852

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2024-09-18 12:37:42 +02:00
Václav Muzikář
83c00731c3
Upgrade to Quarkus 3.14.2 (#32519) 
Closes #32517

Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>
 2024-09-13 20:18:48 +02:00
Michal Hajas
0f97e4cb39 Drop old tables for user and client sessions that are no longer used 
Closes #32582

Signed-off-by: Michal Hajas <mhajas@redhat.com>
 2024-09-12 11:47:37 +02:00
Stian Thorgersen
40049f31fa
Remove ProxyClassLoader and PlatformProvider returning script classloader (#32806) 
Closes #32804

Signed-off-by: stianst <stianst@gmail.com>
 2024-09-11 17:11:26 +02:00
cgeorgilakis-grnet
f8b1b3ee03 Search Identity Providers by alias or display name 
Closes #32588

Signed-off-by: cgeorgilakis-grnet <cgeorgilakis@admin.grnet.gr>
 2024-09-10 21:52:59 +02:00
Alexander Schwartz
ca951c3002
Drop redundant index on client sessions (#32665) 
Closes #32583

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2024-09-06 13:39:32 +02:00
Stefan Guilhen
e7a4635620 Filter out org brokers from the account console 
- org-linked brokers should not be available for login
- prepare the endpoint for search/pagination

Closes #31944

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
 2024-09-04 09:00:52 -03:00
Stefan Guilhen
557d7e87b2 Avoid iterating through all mappers when running the config event listeners 
Closes #32233

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
 2024-09-04 07:40:58 -03:00
Martin Kanis
7e6dd682d4 Validate organization alias for forbidden chars 
Closes #32392

Signed-off-by: Martin Kanis <mkanis@redhat.com>
 2024-08-28 21:59:38 +02:00
vramik
37f42430e6 When Organization feature is enabled UserAdapter.getGroupsCount() returns wrong result 
Closes #32460

Signed-off-by: vramik <vramik@redhat.com>
 2024-08-28 21:20:56 +02:00
Stefan Guilhen
88cca10472 Rename IDPSpi to IdentityProviderStorageSpi 
Closes #31639

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
 2024-08-26 15:10:09 -03:00
Stefan Guilhen
98dc21e6fc Add non-null filter when fetching groups. 
Closes #32321

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
 2024-08-26 09:33:51 -03:00
Vlasta Ramik
d63c0fbd13
Decouple Identity provider mappers from RealmModel (#32251) 
* Decouple Identity provider mappers from RealmModel

Closes #31731

Signed-off-by: vramik <vramik@redhat.com>
 2024-08-22 12:05:19 -03:00
Alexander Schwartz
04d2126c73 Don't fetch expired user sessions from the database 
Closes #32273

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2024-08-22 12:51:43 +02:00
Alexander Schwartz
5740f8836a Cleanup 
Closes #32273

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2024-08-22 12:51:43 +02:00
yelhouti
e8840df0e0
Fix: admin GUI not working with 1000s of realms 
Search by RealmName is done before loading all realms when filtering

Closes #31956

Signed-off-by: Youssef El Houti <youssef.elhouti@gmail.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
 2024-08-21 14:58:36 +02:00
Stefan Guilhen
585d179fe0 Ensure identity providers returned to the org IDP selection are IDPs not associated with any orgs. 
Closes #32238

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
 2024-08-21 07:49:01 -03:00
Stefan Guilhen
fa7c2b5da6 Address review comments 
Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
 2024-08-19 09:06:35 -03:00
Stefan Guilhen
f82159cf65 Rework logic to fetch IDPs for the login page so that IDPs are fetched from the provider and not filtered in code. 
Closes #32090

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
 2024-08-19 09:06:35 -03:00
Alexander Schwartz
74fec50ac5
Load client sessions in chunks from the database (#32185) 
Closes #32180

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2024-08-16 15:00:57 +00:00
Alexander Schwartz
49d2efbfb2
Specify version column name in a case-sensitive manner (#32169) 
Closes #32127

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2024-08-16 10:12:33 +02:00
Stefan Guilhen
aeb1951aba Replace calls to deprecated RealmModel IDP methods 
- use the new provider instead

Closes #31254

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
 2024-08-15 10:55:36 -03:00
Martin Kanis
708a6898db Add a count method to the OrganizationMembersResource 
Closes #31388

Signed-off-by: Martin Kanis <mkanis@redhat.com>
 2024-08-15 09:12:57 -03:00
vramik
4d7f25535c IDP storage provider Infinispan implementation 
Closes #31251

Signed-off-by: vramik <vramik@redhat.com>
 2024-08-13 08:36:15 -03:00
Michal Hajas
50c07c6e7c
Simplify configuration for MULTI_SITE 
Closes #31807

Signed-off-by: Michal Hajas <mhajas@redhat.com>
 2024-08-06 16:14:33 +00:00
Alexander Schwartz
00bfc2c34f
Adding an index for the revoked tokens table to speed up the cleanup (#31790) 
Closes #31725

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2024-08-01 11:12:53 +02:00
Martin Kanis
d91d6d18d5 Can not update organization group error when trying to create organisation from REST API 
Closes #31144

Signed-off-by: Martin Kanis <mkanis@redhat.com>
 2024-07-29 17:39:56 +02:00
Stefan Guilhen
f45529de8c Deprecate IDP related methods in RealmModel 
- delegate to the new provider

Closes #31253

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
 2024-07-29 16:02:26 +02:00
Stefan Guilhen
4c5f54ce0b Add JPA implementation for the IDPProvider 
Closes #31250

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
 2024-07-29 16:02:26 +02:00
Pedro Igor
04bd6653ec Invalidating domain cache and introducing cache for more query methods 
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2024-07-29 09:02:36 +02:00
Pedro Igor
1f8280c71a Allow members joining multiple organizations 
Closes #30747

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2024-07-29 09:02:36 +02:00
Alexander Schwartz
227c71f7f0
Persisting revoked access tokens 
Closes #31296

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2024-07-26 11:46:14 +02:00
vramik
649b35929e Make sure users created through a registration link are managed members 
Closes #30743

Signed-off-by: vramik <vramik@redhat.com>
 2024-07-25 04:30:13 -03:00
Alexander Schwartz
65d4b74758 Filter out null values when looking up entries by ID 
This should prevent null elements in the stream when doing concurrent operations.

Closes #28865

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2024-07-23 09:22:41 +02:00
Pedro Igor
de1de06354 Avoid adding organization flows if they are already exist 
Closes #31182

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2024-07-17 08:28:00 +02:00
Giuseppe Graziano
1df60461a9 Avoid race condition when using initial-access-token 
Closes #27294

Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>
 2024-07-12 16:33:02 +02:00
rmartinc
ce195b81f8 Improve consent deletion when a realm is removed 
Closes #30992

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2024-07-10 09:44:42 +02:00
Thomas Darimont
f34bb21af6
Fix deprecations in common module 
- Use charset in `Encode` class
- Replace reflective call to protected `Liquibase#resetServices()` with call to exposed public method on a custom subclass `KeycloakLiquibase`
- Remove usage of deprecated AccessController class in Reflections
- Deprecated SetAccessibleProvilegedAction and UnsetAccessibleProvilegedAction

Fixes #22209

Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
 2024-07-02 16:02:35 +00:00
Pedro Igor
cc2ccc87b0 Filtering organization groups when managing or processing groups 
Closes #30589

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2024-06-28 10:27:18 -03:00
Pascal Knüppel
c4ebd0cd0c
Add event for ClientScope created (#30715) 
closes #30795 

Signed-off-by: Pascal Knüppel <pascal.knueppel@governikus.de>
 2024-06-27 19:05:29 +02:00