Commit graph

25411 commits

Author SHA1 Message Date
mruzicka
53fa901a11
fix: Use correct property for sub-flow name (#30948)
Signed-off-by: Michal Růžička <michal.ruza@gmail.com>
2024-07-01 14:47:54 +01:00
agagancarczyk
4924847676
Enhanced associated roles (#30968)
Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>
Co-authored-by: Agnieszka Gancarczyk <agancarc@redhat.com>
2024-07-01 14:38:42 +01:00
agagancarczyk
0d6ecab862
fixed rendering of granted client scopes in User Consents (#30864)
Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>
Co-authored-by: Agnieszka Gancarczyk <agancarc@redhat.com>
2024-07-01 15:28:35 +02:00
agagancarczyk
3874a141f1
Added some fun-tuning of Permissions table of Authorization (#30894)
Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>
Co-authored-by: Agnieszka Gancarczyk <agancarc@redhat.com>
2024-07-01 15:20:31 +02:00
Peter Zaoral
add45a25a8
Add default CPU limit/request for the operator (#30601)
Closes: #27432

Signed-off-by: Peter Zaoral <pzaoral@redhat.com>
2024-07-01 15:12:43 +02:00
Stan Silvert
fd8cb95595
Allow FGA with view-clients to see client roles (#30834)
Signed-off-by: Stan Silvert <ssilvert@redhat.com>
2024-07-01 08:50:30 -04:00
Erik Jan de Wit
ea0f569bd0
changed X to link to organization (#30648)
Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
2024-07-01 13:22:46 +02:00
Erik Jan de Wit
213b4ca6d1
reset form instead of adding to it (#30650)
fixes: #30550

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
2024-07-01 10:49:04 +02:00
Erik Jan de Wit
cb048c9700
don't show if there is a displayName set (#30647)
fixes: #30582

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
2024-07-01 10:48:10 +02:00
Hynek Mlnarik
287916997e Show admin console header if serverinfo is forbidden
Fixes: #30683

Signed-off-by: Hynek Mlnarik <hmlnarik@redhat.com>
2024-06-28 20:22:16 +02:00
Steven Hawkins
d534860e2b
fix: admin cli client should set the content when performing a merge (#30539)
closes: #29878

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
2024-06-28 15:56:07 +02:00
Pedro Igor
cc2ccc87b0 Filtering organization groups when managing or processing groups
Closes #30589

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2024-06-28 10:27:18 -03:00
Christoph Schulz
657aff787f
Add missing comma to (#30914)
Signed-off-by: Christoph Schulz <mail@ciis0.de>
Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>
2024-06-28 13:13:13 +00:00
Steven Hawkins
aae1fa1417
fix: addresses cli erroneously wants a secret when env password is set (#30892)
closes: #30866

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
2024-06-28 11:48:42 +02:00
Thomas Darimont
690c6051bb Fix scope policy evaluation for client to client token exchange (#26435)
Previously the scope from the token was not set available in the ClientModelIdentity attributes.
This caused the NPE in `org.keycloak.authorization.policy.provider.clientscope.ClientScopePolicyProvider.hasClientScope`(..)
when calling `identity.getAttributes().getValue("scope")`.

We now pass the provided decoded AccessToken down to the ClientModelIdentity creation
to allow to populate the required scope attribute.

We also ensure backwards compatibility for ClientPermissionManagement API.

Fixes #26435

Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>
2024-06-28 10:33:20 +02:00
Pedro Ruivo
829e12b857 Incorrect order when instantiate ClientRemovedEvent
* Fix incorrect order in ClientRemovedEvent constructor
* Do not send an event if the events list is empty

Closes #30840

Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
2024-06-28 09:51:02 +02:00
Václav Muzikář
bce7a29035
Document how Admin REST API endpoints work with Hostname config
Closes #30537

Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>
Co-authored-by: Martin Bartoš <mabartos@redhat.com>
2024-06-28 09:31:41 +02:00
dependabot[bot]
da7de7abd1 Bump vite from 5.3.1 to 5.3.2
Bumps [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) from 5.3.1 to 5.3.2.
- [Release notes](https://github.com/vitejs/vite/releases)
- [Changelog](https://github.com/vitejs/vite/blob/main/packages/vite/CHANGELOG.md)
- [Commits](https://github.com/vitejs/vite/commits/v5.3.2/packages/vite)

---
updated-dependencies:
- dependency-name: vite
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-06-28 08:40:17 +02:00
mposolda
f1b8a983d2 Cleanup mod_auth_mellon from the testsuite
closes #30869

Signed-off-by: mposolda <mposolda@gmail.com>
2024-06-28 08:33:36 +02:00
Stan Silvert
a1445cd93f
Minor doc fix. (#30899)
Signed-off-by: Stan Silvert <ssilvert@redhat.com>
2024-06-27 16:18:32 -04:00
Douglas Palmer
7a8c7502d2 Cleanup of adapter-spi module?
Closes#30871

Signed-off-by: Douglas Palmer <dpalmer@redhat.com>
2024-06-27 19:41:30 +02:00
Pascal Knüppel
c4ebd0cd0c
Add event for ClientScope created (#30715)
closes #30795 

Signed-off-by: Pascal Knüppel <pascal.knueppel@governikus.de>
2024-06-27 19:05:29 +02:00
Douglas Palmer
220f32aa85 Cleanup of adapter pages
Closes #30870

Signed-off-by: Douglas Palmer <dpalmer@redhat.com>
2024-06-27 18:57:22 +02:00
Douglas Palmer
601355d517 Flaky test: org.keycloak.testsuite.oauth.TokenIntrospectionTest#testUnsupportedToken
Closes #30111

Signed-off-by: Douglas Palmer <dpalmer@redhat.com>
2024-06-27 18:41:48 +02:00
andymunro
30264c7dd4
Remove inclusive language foreword
Closes #30856

Signed-off-by: AndyMunro <amunro@redhat.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
2024-06-27 15:22:03 +02:00
mposolda
7279f2092e Cleanup of test-apps and related adapter code
closes #30867

Signed-off-by: mposolda <mposolda@gmail.com>
2024-06-27 15:10:31 +02:00
Marek Posolda
644bdad2f1 Update integration/admin-client-jee/pom.xml
Co-authored-by: Jon Koops <jonkoops@gmail.com>
2024-06-27 11:00:30 +02:00
mposolda
3c3f59f861 Move some server related logic from info representation classes to server codebase
Signed-off-by: mposolda <mposolda@gmail.com>
2024-06-27 11:00:30 +02:00
mposolda
e5a4c94f75 Added suffix to keycloak-admin-client artifacts in keycloak repository
Signed-off-by: mposolda <mposolda@gmail.com>
2024-06-27 11:00:30 +02:00
MWarnecke
c5fc9f2962
Use provided scope for maven-plugin dependencies
* use provided scope for maven dependencies

As the maven-plugin-plugin suggests, dependencies to the maven runtime
should be in provided scope.

This gets rid of the according warning which was written during build.

Before Maven 3.9, plexus-utils was injected in the classpath at runtime.
As of Maven 3.9 this is not the case anymore which broke the plugin due
to a usage of said dependency. The only usage is replaced by a visitor
to copy files.

Closes #30542

Signed-off-by: Michael Warnecke <WarneckeMichael@web.de>

* Guides need to see maven's Log class

Signed-off-by: Michael Warnecke <WarneckeMichael@web.de>

---------

Signed-off-by: Michael Warnecke <WarneckeMichael@web.de>
2024-06-27 09:50:19 +02:00
dependabot[bot]
fa47d1a416 Bump mocha from 10.5.1 to 10.5.2
Bumps [mocha](https://github.com/mochajs/mocha) from 10.5.1 to 10.5.2.
- [Release notes](https://github.com/mochajs/mocha/releases)
- [Changelog](https://github.com/mochajs/mocha/blob/main/CHANGELOG.md)
- [Commits](https://github.com/mochajs/mocha/compare/v10.5.1...v10.5.2)

---
updated-dependencies:
- dependency-name: mocha
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-06-27 08:32:58 +02:00
Moises Rodriguez
d924db0b0b
Add REST API error message to NetworkError (#30720)
Closes #30829

Signed-off-by: moises <moises@signot.com>
2024-06-26 21:49:01 +00:00
Lukas Hanusovsky
2915a03c6b
Removing chrome-install dependency from GH actions, and Chrome and Firefox webdriver system property from CI workflow
Closes #30408

Signed-off-by: Lukas Hanusovsky <lhanusov@redhat.com>
2024-06-26 18:08:07 +00:00
Hynek Mlnarik
f65af84191 Conditionally show Client Offline Session Max
Fixes: #30521

Signed-off-by: Hynek Mlnarik <hmlnarik@redhat.com>
2024-06-26 19:06:27 +02:00
Martin Bartoš
0a888512a8
New operator failing on health checks (#30709)
Closes #30355

Signed-off-by: Martin Bartoš <mabartos@redhat.com>
Co-authored-by: Václav Muzikář <vaclav@muzikari.cz>
2024-06-26 15:46:48 +00:00
Jon Koops
cd0dbdf264
Use the Keycloak server URL for common resources (#30823)
Closes #30541

Signed-off-by: Jon Koops <jonkoops@gmail.com>
2024-06-26 14:52:25 +00:00
jade
261bc41af2
messages: Correct {Client,Realm} Role prefix description to make sense (#30277)
It's unclear from the previous description that this field is used to
prepend things to the names in the token.

Signed-off-by: Jade Lovelace <software@lfcode.ca>
Co-authored-by: agagancarczyk <4890675+agagancarczyk@users.noreply.github.com>
2024-06-26 14:24:58 +01:00
rmartinc
c20dbc5c32 Add availability for features and make kerberos use it
Closes #30730

Signed-off-by: rmartinc <rmartinc@redhat.com>
2024-06-26 14:33:38 +02:00
agagancarczyk
ca26524259
Restored multivalued switch on create attribute (#30811)
* restored multivalued switch

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>

* small cleanup

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>

---------

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>
Co-authored-by: Agnieszka Gancarczyk <agancarc@redhat.com>
2024-06-26 14:30:11 +02:00
etiksouma
d34e468a57
Rename label on realm details page (#28106)
Closes #28106

Signed-off-by: etiksouma <al@mouskite.com>
2024-06-26 12:31:42 +02:00
Martin Bartoš
30fdba00b5
Describe mTLS overrides for the management interface (#30735)
Closes #30094

Signed-off-by: Martin Bartoš <mabartos@redhat.com>
2024-06-26 12:02:36 +02:00
Alexander Schwartz
1edf444bc8
Re-augment at start after a previous dev mode (#30461)
Closes #30460

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-06-26 09:00:54 +00:00
dependabot[bot]
1dcd07aa13 Bump @types/node from 20.14.8 to 20.14.9
Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 20.14.8 to 20.14.9.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

---
updated-dependencies:
- dependency-name: "@types/node"
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-06-26 09:26:33 +02:00
dependabot[bot]
1f5c9d56ca Bump mocha from 10.5.0 to 10.5.1
Bumps [mocha](https://github.com/mochajs/mocha) from 10.5.0 to 10.5.1.
- [Release notes](https://github.com/mochajs/mocha/releases)
- [Changelog](https://github.com/mochajs/mocha/blob/main/CHANGELOG.md)
- [Commits](https://github.com/mochajs/mocha/compare/v10.5.0...v10.5.1)

---
updated-dependencies:
- dependency-name: mocha
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-06-26 09:26:21 +02:00
Romain LABAT
6615691c63
Support for service accounts when fetch roles is enabled (#30687)
Support for service accounts when fetch roles is enabled

Signed-off-by: Romain LABAT <contact@romainlabat.fr>
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>
2024-06-25 18:00:26 -03:00
Ahana Mallik
4be058a3dd
Prevent double submit in new client form (#30438)
Closes #20371

Signed-off-by: Ahana Mallik <ahanamallik@gmail.com>
2024-06-25 18:37:08 +00:00
Steven Hawkins
bc38b5db1b
fix: add proxy env propagation (#30741)
* fix: add proxy env propagation

closes: #30165

Signed-off-by: Steve Hawkins <shawkins@redhat.com>

* Update operator/src/main/java/org/keycloak/operator/controllers/KeycloakDeploymentDependentResource.java

Co-authored-by: Martin Bartoš <mabartos@redhat.com>

---------

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
Co-authored-by: Martin Bartoš <mabartos@redhat.com>
2024-06-25 18:02:27 +02:00
Jade Lovelace
32e3063a6d
ui: make Scope Details page's Description a textarea, like Roles' (#30273)
The Scope Details page had its description field as a single line text
field. This is inconsistent with the Roles page, which has it as a
textarea allowing multiline editing.

It's true that the character limit is 255 (which is way too short and
should probably be changed imo) but newlines are useful in tweets too :)

Signed-off-by: Jade Lovelace <software@lfcode.ca>
2024-06-25 13:59:52 +00:00
Douglas Palmer
5af3001122 Check if OSGI metadata can be removed entirely
Closes #29104

Signed-off-by: Douglas Palmer <dpalmer@redhat.com>
2024-06-25 14:12:33 +02:00
Stephan Schreiber
dada291b46
Replace js-sha256 dependency with @noble/hashes in Keycloak JS (#30667)
Closes #15769

Signed-off-by: Stephan Schreiber <schreibse@gmail.com>
2024-06-25 13:44:17 +02:00