Pedro Igor
48082d08ec
Email visible on registration page when edit username is not allowed
...
Closes #17439
2023-03-30 08:11:30 +02:00
Douglas Palmer
ff27f6c77c
Fix SSSDTest
...
closes #19397
2023-03-29 21:54:00 +02:00
Jon Koops
8f627517cb
Remove legacy Promise APIs from Keycloak JS ( #19389 )
2023-03-29 16:29:27 +00:00
Michal Hajas
e49dfe534e
Fix missing migration when reading TERMS_AND_CONDITIONS required action in legacy store
...
Closes #17277
2023-03-29 16:43:01 +02:00
Daniel Kobras
a45b5dcd90
Prefer cert over pubkey in SAML metadata
...
If SAML key material was given as a certificate, consistently
expose the certificate rather than just the public key when
presenting SAML metadata info. This change ensures that the
client obtains sufficient information (eg. issuer) to close
the trust chain.
Closes : #17549
Signed-off-by: Daniel Kobras <kobras@puzzle-itc.de>
2023-03-29 11:17:24 +02:00
Marek Posolda
032ece9f7b
Clarify user session limits documentation and test SSO scenario ( #19372 )
...
Closes #17374
Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
2023-03-29 10:08:45 +02:00
rmartinc
2bb9de1a8c
Allow application/jwt media type for userinfo endpoint
...
Closes: https://github.com/keycloak/keycloak/issues/19346
2023-03-28 08:47:35 -03:00
Michal Hajas
beca22311b
Add RefreshTokenTest to database suite so it can catch some expiration issues similar to #17570
2023-03-28 08:32:31 +02:00
Michal Hajas
2a5b5c4a40
Fix stale client session is present in user session
...
Closes #17570
2023-03-28 08:32:31 +02:00
Pedro Igor
a9c605750d
Returning email as username setting for admins
...
Fixes #17591
2023-03-27 16:33:44 -03:00
Alexander Schwartz
251f6151e8
Rework the Import SPI to be configurable via the Config API
...
Also rework the export/import CLI for Quarkus, so that runtime options are available.
Closes #17663
2023-03-24 15:28:55 -03:00
Pedro Hos
bd0a23a865
/users/count endpoint with search field has different behavior than /users query endpoint #17620
...
closes #17620
2023-03-24 13:43:47 +01:00
Klajdi Paja
cf61a65198
Return a user friendly message when a group name already exists on the same level.
...
Closes #16888
2023-03-24 08:13:49 +01:00
rmartinc
8bc5273792
EAP7 and wildfly adapter tests fixes. Execute enable-elytron-se17.cli for EAP7 and JDK-17.
...
Closes https://github.com/keycloak/keycloak/issues/19273
2023-03-23 17:02:39 -03:00
Ayrat Hudaygulov
f578f91a0b
Fix ID token not being sent after expiration for OIDC logout
...
Closes #10164
2023-03-23 13:01:02 +01:00
Hiroyuki Wada
46eb2e1b84
Fix attribute deleted from LDAP is not immediately reflected even if it is "Always Read Value From LDAP"
2023-03-21 10:28:41 +01:00
Ricardo Martin
1a622e707f
Flaky tests org.keycloak.testsuite.federation.sync.SyncFederationTest ( #19095 )
...
Closes: https://github.com/keycloak/keycloak/issues/17430
Closes: https://github.com/keycloak/keycloak/issues/17431
2023-03-21 08:30:42 +01:00
Alexander Schwartz
513bb809f3
Add a map storage global locking implementation for JPA
...
Closes #14734
2023-03-21 08:21:11 +01:00
rmartinc
bef0a4a6f1
Check frontendUrl in the hostname providers
...
Closes https://github.com/keycloak/keycloak/issues/17686
2023-03-20 18:54:58 -03:00
Miquel Simon
80d3cc5dea
Added option for Chrome driver needed for version >= 111.
...
Closes #19137
2023-03-20 13:09:23 +01:00
Pedro Igor
a30b6842a6
Decouple the policy enforcer from adapters and provide a separate library
...
Closes keycloak#17353
2023-03-17 11:40:51 +01:00
rmartinc
cab7e50410
Better handling for SAML signatures in POST and REDIRECT bindings
...
Closes https://github.com/keycloak/keycloak/issues/17456
2023-03-15 09:06:59 -03:00
Martin Kanis
5e7793b64d
Unexpected invalid_grant error on offline session refresh when client session is not in the cache
...
Closes #9959
Co-authored-by: Martin Kanis <mkanis@redhat.com>
Co-authored-by: Lex Cao <lexcao@foxmail.com>
2023-03-15 12:39:43 +01:00
Jon Koops
96aa4b3394
Add Maven build for the Admin UI ( #17552 )
2023-03-13 18:16:12 +00:00
Hynek Mlnarik
fe5d89295f
Fix client (scope) model test placement
...
Fixes : #17212
2023-03-13 14:35:14 +01:00
Pedro Igor
af475ffe23
Fixing classloading issue due to the curated application being eagerly closed
2023-03-13 09:34:49 +01:00
Alexander Schwartz
0b2802fa18
Fixing compile time warnings
...
Avoiding calling deprecated methods, and adding compile time dependencies for annotations.
Closes #17499
2023-03-09 15:42:55 +01:00
vramik
31e4c5cb7e
Add storage-jpa-db
property into Quarkus. Distinguish postgres and crdb for jpa map store.
...
Closes #17305
2023-03-09 11:09:56 +01:00
Tero Saarni
9052ec2b02
Add admin events for realm create/delete. ( #10831 )
...
Closes #10733
2023-03-07 15:57:06 +01:00
Simon Levermann
96c1cf3c49
Allow mapping of UserSessionNotes into UserInfo
...
Fixes #15369
2023-03-07 15:25:14 +01:00
rmartinc
a56b38c5a6
Don't remove session and don't reset restart cookie if passive check error
...
Closes https://github.com/keycloak/keycloak/issues/11340
2023-03-07 15:10:09 +01:00
rmartinc
06ff8b016c
Don't set REMEMBER_ME if it's disabled at realm level
...
Closes https://github.com/keycloak/keycloak/issues/11330
2023-03-07 15:01:58 +01:00
Michal Hajas
837c64de3d
Add support for pessimistic locking to HotRod
...
Closes #13273
2023-03-07 10:44:31 +01:00
Alexander Schwartz
f6f179eaca
Rework the export to use CLI options and property mappers
...
Also, adding the wiring to support Model tests for the export.
Closes #13613
2023-03-07 08:22:12 +01:00
mposolda
a0192d61cc
Redirect loop with authentication success but access denied at default identity provider
...
closes #17441
2023-03-06 10:45:01 +01:00
Michal Hajas
465019bec4
Extract attachDevice outside of storage layer
...
Closes #17336
2023-03-03 17:58:34 +01:00
Zakaria Amine
fb5a7f654b
trigger IDENTITY_PROVIDER_FIRST_LOGIN (and UPDATE_PROFILE ) event when identity provider flow succeeds ( #15100 )
...
closes #15098
2023-03-03 17:49:27 +01:00
Jon Koops
6d2e57f93a
Move Keycloak JS into the NPM workspace ( #17401 )
2023-03-03 13:56:53 +01:00
Jon Koops
972ebb9650
Use a valid SemVer format for the SNAPSHOT version ( #17334 )
...
* Use a valid SemVer format for the SNAPSHOT version
* Update pom.xml
* Update pom.xml
---------
Co-authored-by: Stian Thorgersen <stianst@gmail.com>
Co-authored-by: Stian Thorgersen <stian@redhat.com>
2023-03-03 11:11:44 +01:00
Alexander Schwartz
95a6effcef
Increase memory for the model tests to avoid an OOM error
...
Closes #17427
2023-03-03 10:55:03 +01:00
Alexander Schwartz
1e4401f521
Avoid returning the same entity multiple times from separate searches
...
Closes #15604
2023-03-02 08:21:38 +01:00
mposolda
b28bde542f
referrer_url is not correctly computed in account console
...
closes #16484
2023-03-01 20:49:15 +01:00
Marek Posolda
59f4fe1c60
NPE on Theme after upgrade to 21 when parent or import theme not exists ( #17350 )
...
* NPE on Theme after upgrade to 21 when parent or import theme not exists
closes #17313
* Update per review
2023-03-01 15:46:37 +00:00
Michal Hajas
e02c95f9d3
Fix testReleaseAllLocksMethod timing out intermittently
...
Closes #17337
2023-03-01 14:55:50 +01:00
rmartinc
5cdf4d5791
Read-Only attributes should be modified if creation is delayed for LDAP
...
Closes https://github.com/keycloak/keycloak/issues/16848
2023-03-01 11:26:57 +01:00
Michal Hajas
7899c6c80a
Make DeviceRepresentationProvider available for all model test profiles
...
Closes #17329
2023-02-28 14:55:48 +01:00
Pedro Igor
fbf5541802
Remove duplicated set-cookie header from response when expiring cookies
...
Closes #17192
2023-02-27 14:17:27 -03:00
lpa
3cd413dee1
SOAP backchannel logout for SAML protocol
...
Closes #16293
2023-02-27 14:24:12 +01:00
rmartinc
38a46726e4
Implement UserInfoTokenMapper in HardcodedRole and RoleNameMapper mappers
...
Closes https://github.com/keycloak/keycloak/issues/15624
2023-02-27 10:14:48 -03:00
Miquel Simon
923a321a55
Run WebAuthn IT with Chrome. ( #17256 )
2023-02-23 20:58:13 +00:00