keycloak-scim

Author	SHA1	Message	Date
rmartinc	456878bb00	Use clickLink for logout in webauthn Closes #32923 Closes #32606 Closes #32605 Closes #32503 Signed-off-by: rmartinc <rmartinc@redhat.com>	2024-10-03 08:23:48 +02:00
Martin Kanis	51fd133f05	[Keycloak CI] - User Federation Tests - fixing AD tests Closes #33231 Signed-off-by: Martin Kanis <mkanis@redhat.com>	2024-10-02 16:02:55 -03:00
Pedro Aguiar	f60be4bf8e	update: fix typo "a email" (#33482 ) - "a email" becomes "an email". Signed-off-by: Pedro Aguiar <contact@codespearhead.com>	2024-10-02 19:34:33 +02:00
rmartinc	7a886aab64	Use sendKeys instead of click for the webauthn tests Closes #33362 Closes #33037 Closes #32548 Signed-off-by: rmartinc <rmartinc@redhat.com>	2024-10-02 18:18:56 +02:00
Pedro Igor	9bbe00e3e3	Wait for welcome page to load as it might take a bit more time to load/redirect. Closes #28953 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-10-02 10:09:17 -03:00
vramik	c1653448f3	[Organizations] Allow orgs to define the redirect URL after user registers or accepts invitation link Closes #33201 Signed-off-by: vramik <vramik@redhat.com>	2024-10-02 07:37:48 -03:00
Ricardo Martin	6e471a8477	Add the nonce attribute when the client session context is recreated (#33422 ) Closes #33355 Signed-off-by: rmartinc <rmartinc@redhat.com> Co-authored-by: Tomas Kralik <tomas.kralik@pbktechnology.cz>	2024-10-02 09:44:25 +02:00
Pedro Igor	ebfb42f9c5	Force tests to wait for brute force login event as they are fired in a separate thread Closes #32942 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-10-02 08:43:17 +02:00
Pedro Igor	353392f6ac	Wait for the register page being loaded after clicking the registration link. Flaky tests are failing in a similar fashion after clicking the link. Closes #32930 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-10-02 08:20:12 +02:00
Giuseppe Graziano	b46fab2308	Remove root auth session after backchannel logout Closes #32197 Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>	2024-10-01 11:56:57 +02:00
Jon Koops	67b6b4c942	Require Keycloak JS configuration to be passed explicitly (#33399 ) Closes #32823 Signed-off-by: Jon Koops <jonkoops@gmail.com>	2024-10-01 10:29:10 +02:00
mposolda	e582a17a7c	Fix client-attributes condition configuration closes #33390 Signed-off-by: mposolda <mposolda@gmail.com>	2024-10-01 10:12:28 +02:00
Peter Zaoral	d5d6390b1c	Make Keycloak fail with an error when the persisted build options differs from those provided (#33241 ) * PropertyException is now thrown instead of a warning * Operator guides clarification around health and metrics options Closes: #32717 Signed-off-by: Peter Zaoral <pzaoral@redhat.com>	2024-09-30 19:28:23 +02:00
Douglas Palmer	b5e282648f	org.keycloak.testsuite.forms.BruteForceTest#testRaceAttackPermanentLockout (#32701 ) * org.keycloak.testsuite.forms.BruteForceTest#testRaceAttackPermanentLockout Closes #32256 Signed-off-by: Douglas Palmer <dpalmer@redhat.com> Signed-off-by: Marek Posolda <mposolda@gmail.com> Co-authored-by: Marek Posolda <mposolda@gmail.com>	2024-09-30 18:38:10 +02:00
Kyale	a35edeb488	Resolved errors during component import referencing groups Whenever a component being imported contained a reference to a group also being imported, the group was not found because groups were being imported after components by DefaultImportExportManager Closes #10730 Signed-off-by: Kyale <github@chalkyweb.com>	2024-09-30 11:46:19 -03:00
Steven Hawkins	5d99d91818	fix: allows for the detection of a master realm with --import-realms (#32914 ) also moving initial bootstrapping after import closes: #32689 Signed-off-by: Steven Hawkins <shawkins@redhat.com> Co-authored-by: Martin Bartoš <mabartos@redhat.com>	2024-09-30 14:40:16 +02:00
Jon Koops	d60dee7622	Remove the UMD distribution of Keycloak JS (#33080 ) Closes #32826 Signed-off-by: Jon Koops <jonkoops@gmail.com>	2024-09-30 14:05:18 +02:00
rmartinc	aaf8136c89	Move deleteCookies to before for RecoveryAuthnCodesAuthenticatorTest Closes #26176 Signed-off-by: rmartinc <rmartinc@redhat.com>	2024-09-30 12:05:16 +02:00
rmartinc	1d23c3c720	Use note to detect the IDP verify email action is already done Closes #31563 Signed-off-by: rmartinc <rmartinc@redhat.com>	2024-09-27 09:16:53 +02:00
mposolda	8f038f19dd	Upgrade BCFIPS to 2.0 closes #30415 Signed-off-by: mposolda <mposolda@gmail.com>	2024-09-26 06:52:21 +02:00
Stefan Guilhen	6424708695	Ensure organization id is preserved on export/import - Also fixes issues with description, enabled, and custom attributes missing when re-importing the orgs. Closes #33207 Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>	2024-09-25 16:07:44 +02:00
Michal Hajas	d9c567a5e4	Run model tests with clusterless feature enabled Closes #33058 Signed-off-by: Michal Hajas <mhajas@redhat.com>	2024-09-24 14:06:52 +02:00
Benoît	bf19ec11cf	Fix UserStorageManager.getGroupMembersStream potentially fetching all user (#33145 ) Closes #32761 Signed-off-by: Benoit Messager <benoit.messager@liksi.fr> Co-authored-by: Benoit Messager <benoit.messager@liksi.fr>	2024-09-24 09:51:35 +02:00
Jon Koops	46b0b6195c	Remove `keycloak-js-adapter-jar` artifact (#33196 ) Closes #32824 Signed-off-by: Jon Koops <jonkoops@gmail.com>	2024-09-23 15:46:56 +00:00
Stian Thorgersen	d778a8551a	Use references to obtain the signed elements in a signature (#188 ) (#33190 ) Closes keycloak/keycloak-private#191 Closes #33116 Signed-off-by: rmartinc <rmartinc@redhat.com> Co-authored-by: Ricardo Martin <rmartinc@redhat.com>	2024-09-23 13:51:46 +02:00
Stian Thorgersen	af5eef57bf	Improve handling for loopback redirect-uri validation (#195 ) (#33189 ) Closes #33116 Signed-off-by: stianst <stianst@gmail.com>	2024-09-23 13:51:02 +02:00
Jon Koops	5e2f09f66d	Remove statically served Keycloak JS from the server (#33083 ) Closes #32827 Signed-off-by: Jon Koops <jonkoops@gmail.com>	2024-09-22 19:05:01 +02:00
Giuseppe Graziano	849ca3efb9	Fix amr test Closes #26117 Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>	2024-09-20 23:32:55 +02:00
Daniel Fesenmeyer	87da4011f7	Bugfix: "User Profile" attributes not available for Users Attribute search, when admin user does not have view- or manage-realm realm-management role (#31771 ) - UIRealmResource: add "info" sub-resource to get realm-related information, which is visible for ALL admins (users having any realm-management role); for now, only provide the information whether any user profile provider is enabled - UIRealmResourceTest: test the new endpoint, including permissions check - UserDataTable.tsx: use this resource to get the info whether user profile providers are enabled, instead of using the realm components resource (which requires "view-realm" permissions) - .../cypress/e2e/users_attribute_search_test.spec.ts: add cypress test to test the attribute search with minimum access rights - further small changes for reuse of components, test-code etc Closes #27536 Signed-off-by: Daniel Fesenmeyer <daniel.fesenmeyer@bosch.com>	2024-09-20 14:06:08 -04:00
Christian Janker	21f90145ac	Send UserRemovedEvent containing all user attributes Invalidate CachedUserModel before UserRemovedEvent closes #32194 Signed-off-by: Christian Janker <christian.janker@gmx.at>	2024-09-20 16:22:08 +02:00
Stefan Guilhen	900c496ffe	Remove the kc.org.broker.public attribute and use hideOnLogin in the IDP instead Closes #32209 Signed-off-by: Stefan Guilhen <sguilhen@redhat.com> Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com> Co-authored-by: Erik Jan de Wit <erikjan.dewit@gmail.com>	2024-09-20 16:08:55 +02:00
Michal Hajas	d065be362a	Fix flaky UserSessionPersisterProviderTest Closes #32892 Signed-off-by: Michal Hajas <mhajas@redhat.com> Signed-off-by: Alexander Schwartz <aschwart@redhat.com> Co-authored-by: Alexander Schwartz <aschwart@redhat.com>	2024-09-20 13:24:34 +02:00
Stefan Guilhen	42cde0cfdd	Fix various issues holding up CI (#33086 ) - Disables the remote operator tests, which will have to be fixed later. - Fixes the action expired error which occurs when accessing regular registration page with Organizations enabled. - Fixes a race condition in the test suite causing sporadic failures. Closes #33064 Signed-off-by: Stefan Guilhen <sguilhen@redhat.com> Signed-off-by: rmartinc <rmartinc@redhat.com> Signed-off-by: Jon Koops <jonkoops@gmail.com> Co-authored-by: rmartinc <rmartinc@redhat.com> Co-authored-by: Jon Koops <jonkoops@gmail.com>	2024-09-19 21:23:21 +02:00
vramik	fcb31a5aa6	Implement invitation-only self-registration for realm users Closes #31643 Signed-off-by: vramik <vramik@redhat.com>	2024-09-18 13:50:23 +02:00
Erik Jan de Wit	1f573eded0	added username field like suggested in issue comment (#32866 ) related: #32522 Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>	2024-09-18 13:03:03 +02:00
Vlasta Ramik	4ce40be1af	Make the ORGANIZATION a default feature (#32404 ) Closes #32395 Signed-off-by: vramik <vramik@redhat.com>	2024-09-18 12:19:28 +02:00
Stefan Guilhen	3e597722a9	Add cache for IdentityProviderStorageProvider.getForLogin (#32918 ) Closes #32573 Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>	2024-09-18 09:05:57 +02:00
rmartinc	5fe916861d	Return 404 on invalid theme type Closes #32798 Signed-off-by: rmartinc <rmartinc@redhat.com>	2024-09-17 09:09:34 +02:00
Giuseppe Graziano	e6c5ee31e4	Admin API with Lightweight access token and transient session Closes #32802 Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>	2024-09-16 09:30:15 +02:00
Ricardo Martin	9c780e9190	Honor turnOffChangeSessionIdOnLogin in SAML adapter (#185 ) Closes keycloak/keycloak-private#183 Signed-off-by: rmartinc <rmartinc@redhat.com>	2024-09-16 09:21:07 +02:00
Nate Drake	75973157aa	Fix a few typos (#32929 ) Signed-off-by: Nate Drake <ndrake@gmail.com>	2024-09-15 10:12:26 +00:00
Pedro Ruivo	f67bec0417	Rename remote-cache Feature Renamed to "clusterless" Closes #32596 Signed-off-by: Pedro Ruivo <pruivo@redhat.com>	2024-09-13 13:03:13 +02:00
Stefan Guilhen	92e435f192	Do not automatically re-import users if they already exist locally when searching by attributes Closes #32870 Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>	2024-09-13 08:54:44 +02:00
Erik Jan de Wit	9aad6f650d	added more style fixes for the login.v2 (#32708 ) * added more style fixes for the login.v2 related: #32522 Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com> * fixed grant screen Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com> * test fixes Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com> * fix for code.ftl Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com> * test fixes Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com> * fixed tests Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com> --------- Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>	2024-09-11 14:52:49 -04:00
mposolda	125124c2d9	Error when deploying SAML application with the keys in PEM format inside keycloak-saml.xml closes #32817 Signed-off-by: mposolda <mposolda@gmail.com>	2024-09-11 19:03:10 +02:00
Stian Thorgersen	40049f31fa	Remove ProxyClassLoader and PlatformProvider returning script classloader (#32806 ) Closes #32804 Signed-off-by: stianst <stianst@gmail.com>	2024-09-11 17:11:26 +02:00
Thomas Darimont	445a7da902	Ensure realm attributes import happens before client import Fixes #32799 Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>	2024-09-11 15:14:33 +02:00
rmartinc	b60621d819	Allow brute force to have http request/response and send emails Closes #29542 Signed-off-by: rmartinc <rmartinc@redhat.com>	2024-09-11 08:35:03 +02:00
cgeorgilakis-grnet	f8b1b3ee03	Search Identity Providers by alias or display name Closes #32588 Signed-off-by: cgeorgilakis-grnet <cgeorgilakis@admin.grnet.gr>	2024-09-10 21:52:59 +02:00
Erik Jan de Wit	d2e7c15f2f	added text and tooltip to idp (#32411 ) * added text and tooltip to idp Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com> * Update themes/src/main/resources/theme/keycloak.v2/login/login.ftl Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net> Signed-off-by: Erik Jan de Wit <edewit@redhat.com> * Update themes/src/main/resources/theme/keycloak.v2/login/login.ftl Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net> Signed-off-by: Erik Jan de Wit <edewit@redhat.com> * Update themes/src/main/resources/theme/keycloak.v2/login/login.ftl Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net> Signed-off-by: Erik Jan de Wit <edewit@redhat.com> * Update themes/src/main/resources/theme/keycloak.v2/login/login.ftl Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net> Signed-off-by: Erik Jan de Wit <edewit@redhat.com> * Update themes/src/main/resources/theme/keycloak.v2/login/login.ftl Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net> Signed-off-by: Erik Jan de Wit <edewit@redhat.com> Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com> --------- Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com> Signed-off-by: Erik Jan de Wit <edewit@redhat.com> Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>	2024-09-10 13:05:14 +02:00
Thomas Darimont	6b83a45b2e	Propagate locale when using app initiated registration URL Fixes #13505 Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>	2024-09-10 12:25:17 +02:00
Martin Kanis	ccb166d0e9	Add caching when querying brokers by organization Closes #32574 Signed-off-by: Martin Kanis <mkanis@redhat.com>	2024-09-09 09:24:43 -03:00
mposolda	03e0fb0601	Fix ResetOtpTest closes #32615 Signed-off-by: mposolda <mposolda@gmail.com>	2024-09-09 10:19:37 +02:00
Alexander Schwartz	b88ecc0237	Removing the extra two-minute Window for persistent user sessions (#32660 ) Closes #28418 Signed-off-by: Alexander Schwartz <aschwart@redhat.com> Signed-off-by: Michal Hajas <mhajas@redhat.com> Co-authored-by: Michal Hajas <mhajas@redhat.com>	2024-09-09 09:28:48 +02:00
mposolda	e1d5f0c871	Fix ResetPasswordTest on chrome 128 closes #32514 closes #32478 closes #32477 closes #32678 closes #32542 closes #32678 closes #32541 Signed-off-by: mposolda <mposolda@gmail.com>	2024-09-06 20:19:50 +02:00
Steven Hawkins	58d742bb5c	fix: refining v2 hostname validation (#32659 ) closes: #32643 Signed-off-by: Steve Hawkins <shawkins@redhat.com>	2024-09-06 17:49:25 +02:00
Giuseppe Graziano	a14548a7a2	Lightweight access tokens for Admin REST API (#32347 ) * Lightweight access tokens for Admin REST API Closes #31513 Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>	2024-09-04 18:04:23 +02:00
Stefan Guilhen	e7a4635620	Filter out org brokers from the account console - org-linked brokers should not be available for login - prepare the endpoint for search/pagination Closes #31944 Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>	2024-09-04 09:00:52 -03:00
Alexander Schwartz	4d1e1e0bcb	Show details for error messages where they were missing (#32534 ) Closes #32533 Signed-off-by: Alexander Schwartz <aschwart@redhat.com> Signed-off-by: Jon Koops <jonkoops@gmail.com> Co-authored-by: Jon Koops <jonkoops@gmail.com>	2024-09-04 07:23:54 -04:00
Stefan Guilhen	557d7e87b2	Avoid iterating through all mappers when running the config event listeners Closes #32233 Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>	2024-09-04 07:40:58 -03:00
Theresa Henze	a1c23fef8c	introduce event types to update/remove credentials Closes #10114 Signed-off-by: Theresa Henze <theresa.henze@bare.id>	2024-09-03 18:27:27 +02:00
Pedro Ruivo	ba861fc5d7	Remove version() projection from Ickle Queries Closes #32590 Signed-off-by: Pedro Ruivo <pruivo@redhat.com>	2024-09-03 18:07:32 +02:00
Thomas Darimont	88a5c96fff	Add `kc_action` to redirect URI after a required action is cancelled (#31925 ) Closes #31894 Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>	2024-09-03 14:26:23 +00:00
Martin Bartoš	db7694e7be	Update the welcome page to create a temporary admin user (#32283 ) Closes #30010 Signed-off-by: Martin Bartoš <mabartos@redhat.com> Co-authored-by: Stan Silvert <ssilvert@redhat.com>	2024-09-03 09:43:41 +02:00
Pedro Igor	4b5b1a4c25	Unignore backchannel logout tests Closes #20643 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-09-02 08:34:21 +02:00
Jon Koops	2d17024b14	Remove `redirect_uri` support from OIDC logout endpoint Closes #10983 Signed-off-by: Jon Koops <jonkoops@gmail.com> Signed-off-by: Alexander Schwartz <alexander.schwartz@gmx.net> Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>	2024-08-30 12:52:49 +00:00
Martin Kanis	e7d71d43c3	Identity Provider secret visible in Organization tab (API request) Closes #32486 Signed-off-by: Martin Kanis <mkanis@redhat.com>	2024-08-30 09:26:25 -03:00
Douglas Palmer	0b7ab47cf2	Flaky test BruteForceTest.testPermanentLockout() Closes #32498 Signed-off-by: Douglas Palmer <dpalmer@redhat.com>	2024-08-30 10:14:05 +02:00
Douglas Palmer	ecbd856176	Brute force protection: Lockout permanently uses parameters configured under lockout temporarily Closes #30969 Signed-off-by: Douglas Palmer <dpalmer@redhat.com>	2024-08-29 16:30:22 +02:00
Stefan Guilhen	a41b622aa5	Set the correct realm when setting up client exchange permissions Closes #32465 Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>	2024-08-29 16:09:23 +02:00
Erik Jan de Wit	e410a83c3c	Made the login more modular Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>	2024-08-29 07:18:24 -04:00
Martin Kanis	7e6dd682d4	Validate organization alias for forbidden chars Closes #32392 Signed-off-by: Martin Kanis <mkanis@redhat.com>	2024-08-28 21:59:38 +02:00
mposolda	cd947ce3bc	Removing policy-enforcer from Keycloak repository closes #32191 Signed-off-by: mposolda <mposolda@gmail.com>	2024-08-28 07:40:20 -03:00
Pedro Igor	449557290b	More options to organization scope mapper including adding organization attributes to tokens Closes #31642 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-08-27 09:40:55 -03:00
Stefan Guilhen	88cca10472	Rename IDPSpi to IdentityProviderStorageSpi Closes #31639 Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>	2024-08-26 15:10:09 -03:00
Giuseppe Graziano	c2c74faec0	Removing BOM character from SAML entity descriptor Closes #30604 Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>	2024-08-26 10:59:05 +02:00
Erik Jan de Wit	776a491989	added organizations table to account (#32311 ) * added organizations table to account Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com> Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com> Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-08-22 15:44:03 -03:00
Michal Hajas	f5b2775939	Enable persistent sessions by default Run CI with the feature disabled to test also the old settings Closes #32265 Signed-off-by: Michal Hajas <mhajas@redhat.com>	2024-08-21 17:37:54 +02:00
Erik Jan de Wit	e2d7a94459	Hynek's notes Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>	2024-08-21 08:50:01 -04:00
Pedro Igor	c1f6d5ca64	Support for selecting an organization when requesting the organization scope Closes #31438 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-08-21 13:04:58 +02:00
Pedro Igor	4376a3c757	Add an endpoint to the organizations endpoint to return the organizations for a given user Closes #32158 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-08-20 11:11:14 -03:00
Pedro Igor	eeae50fb43	Make sure federationLink always map to the storage provider associated with federated users Closes #31670 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-08-20 11:27:22 +02:00
Martin Bartoš	bf5cf47351	Management Interface is turned on even though nothing is exposed on it (#31938 ) * Management Interface is turned on even though nothing is exposed on it Fixes #31818 Signed-off-by: Martin Bartoš <mabartos@redhat.com> * Remove conditional enablement, add relevancy description Signed-off-by: Martin Bartoš <mabartos@redhat.com> --------- Signed-off-by: Martin Bartoš <mabartos@redhat.com>	2024-08-19 15:52:59 +02:00
Stefan Guilhen	fa7c2b5da6	Address review comments Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>	2024-08-19 09:06:35 -03:00
Stefan Guilhen	6e7b36e82f	Add migration tests for the IDP changes Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>	2024-08-19 09:06:35 -03:00
Stefan Guilhen	f82159cf65	Rework logic to fetch IDPs for the login page so that IDPs are fetched from the provider and not filtered in code. Closes #32090 Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>	2024-08-19 09:06:35 -03:00
Pedro Igor	8e0436715c	Support for ALL and ANY organization scope values Related #31438 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-08-19 08:45:23 -03:00
mposolda	3d787727f9	Add acr scope to all clients for those migrating from older than Keycloak 18 closes #31107 Signed-off-by: mposolda <mposolda@gmail.com>	2024-08-16 12:17:43 +02:00
himanshi1099	7459992e40	Realm update validation for incorrect timeout values (#32137 ) closes #31595 Signed-off-by: Himanshi Gupta <higupta@redhat.com>	2024-08-16 08:58:27 +02:00
Stefan Guilhen	aeb1951aba	Replace calls to deprecated RealmModel IDP methods - use the new provider instead Closes #31254 Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>	2024-08-15 10:55:36 -03:00
Pedro Igor	96acc62c00	Support for resolving organization based on the organization scope Closes #31438 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-08-15 10:32:15 -03:00
Stian Thorgersen	310824cc2b	Remove legacy cookies Closes #16770 Signed-off-by: stianst <stianst@gmail.com> Signed-off-by: Jon Koops <jonkoops@gmail.com> Co-authored-by: Jon Koops <jonkoops@gmail.com>	2024-08-15 15:27:38 +02:00
Martin Kanis	708a6898db	Add a count method to the OrganizationMembersResource Closes #31388 Signed-off-by: Martin Kanis <mkanis@redhat.com>	2024-08-15 09:12:57 -03:00
Yoshiyuki Tabata	cb6eb187ac	Client Policy - Condition : Client - Client Attribute Closes https://github.com/keycloak/keycloak/issues/31766 Signed-off-by: Yoshiyuki Tabata <yoshiyuki.tabata.jy@hitachi.com>	2024-08-14 09:56:56 +02:00
Pedro Igor	d04d2bb852	Allow removing users federated from a kerberos provider Closes #31603 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-08-13 18:47:55 +02:00
Pedro Ruivo	e13c9bf462	Retry remote cache operations with back off Implement a retry mechanism for remote cache writes. Fixes #32030 Signed-off-by: Pedro Ruivo <pruivo@redhat.com>	2024-08-13 15:55:59 +02:00
rmartinc	a38d3b2f55	SAML IdMapperUpdaterSessionListener should be added always and must implement HttpSessionIdListener interface Closes #32084 Signed-off-by: rmartinc <rmartinc@redhat.com>	2024-08-13 15:53:45 +02:00
Pedro Ruivo	07c92c85cb	Drop AuthenticatedClientSessionStore from user sessions New entities for client and user sessions, more query friendly. The client sessions are found using query instead of storing them in the user session entity. Remove of sessions by its field is done based on queries. Closes #30934 Signed-off-by: Pedro Ruivo <pruivo@redhat.com>	2024-08-12 20:35:50 +02:00
rmartinc	347f595913	Add ECDH-ES encyption algorithms to the java keystore key provider Closes #32023 Signed-off-by: rmartinc <rmartinc@redhat.com>	2024-08-09 15:57:51 +02:00
Martin Kanis	da0864682a	Conditionally redirect existing users to a broker based on their credentials Closes #31006 Signed-off-by: Martin Kanis <mkanis@redhat.com>	2024-08-09 07:59:25 -03:00

1 2 3 4 5 ...

7012 commits