mposolda
1213556eff
Fixes for UsernameIDNHomographValidator
...
closes #26564
Signed-off-by: mposolda <mposolda@gmail.com>
2024-01-30 14:30:28 +01:00
Chris Tanaskoski
5373f3c97a
Don't fail reset credentials action upon first broker login without EXISTING_USER_INFO
( #26324 )
...
The ResetCredentialsActionTokenHandler depends upon the `EXISTING_USER_INFO` through `AbstractIdpAuthenticator.getExistingUser` solely to log the username. However, if the first broker login flow does not include a `IdpCreateUserIfUniqueAuthenticator` or `IdpDetectExistingBrokerUserAuthenticator`, the `EXISTING_USER_INFO` is never set.
This commit does not attempt to fetch the existing user if we don't have this info set.
Closes #26323
Signed-off-by: Chris Tanaskoski <chris@devristo.com>
2024-01-30 11:16:52 +00:00
Erik Jan de Wit
02d86d1d8f
removed revocation ( #26459 )
...
fixes : #17734
Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
2024-01-30 10:49:39 +01:00
dependabot[bot]
4716c956b0
Bump @typescript-eslint/parser from 6.19.1 to 6.20.0 in /js
...
Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser ) from 6.19.1 to 6.20.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases )
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md )
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v6.20.0/packages/parser )
---
updated-dependencies:
- dependency-name: "@typescript-eslint/parser"
dependency-type: direct:development
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-01-30 10:32:10 +01:00
dependabot[bot]
321f0088c4
Bump @testing-library/jest-dom from 6.3.0 to 6.4.0 in /js
...
Bumps [@testing-library/jest-dom](https://github.com/testing-library/jest-dom ) from 6.3.0 to 6.4.0.
- [Release notes](https://github.com/testing-library/jest-dom/releases )
- [Changelog](https://github.com/testing-library/jest-dom/blob/main/CHANGELOG.md )
- [Commits](https://github.com/testing-library/jest-dom/compare/v6.3.0...v6.4.0 )
---
updated-dependencies:
- dependency-name: "@testing-library/jest-dom"
dependency-type: direct:development
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-01-30 10:15:17 +01:00
dependabot[bot]
1d4458763b
Bump i18next from 23.8.0 to 23.8.1 in /js
...
Bumps [i18next](https://github.com/i18next/i18next ) from 23.8.0 to 23.8.1.
- [Release notes](https://github.com/i18next/i18next/releases )
- [Changelog](https://github.com/i18next/i18next/blob/master/CHANGELOG.md )
- [Commits](https://github.com/i18next/i18next/compare/v23.8.0...v23.8.1 )
---
updated-dependencies:
- dependency-name: i18next
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-01-30 10:14:48 +01:00
dependabot[bot]
eb7a3cf6c9
Bump @typescript-eslint/eslint-plugin from 6.19.1 to 6.20.0 in /js
...
Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin ) from 6.19.1 to 6.20.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases )
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md )
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v6.20.0/packages/eslint-plugin )
---
updated-dependencies:
- dependency-name: "@typescript-eslint/eslint-plugin"
dependency-type: direct:development
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-01-30 10:13:54 +01:00
Steven Hawkins
00ea73d6ba
fix: increases another timeout to accomodate for the transaction timeout ( #26566 )
...
closes : #26529
Signed-off-by: Steve Hawkins <shawkins@redhat.com>
2024-01-30 09:16:34 +01:00
Dipesh Singh
7e021730c7
Show displayName
of realm on welcome page ( #26562 )
...
Closes #25897
Signed-off-by: dipeshsingh253 <sinhdipesh@gmail.com>
2024-01-29 19:23:08 +01:00
Steven Hawkins
ed96b13312
fix: preservation of the command line in the --optimized suggestion ( #26163 )
...
closes #26140
Signed-off-by: Steve Hawkins <shawkins@redhat.com>
2024-01-29 13:48:53 +01:00
TheKeeroll
13b8db0026
typo fix ( #26526 )
...
Signed-off-by: TheKeeroll <57570053+TheKeeroll@users.noreply.github.com>
2024-01-29 11:40:21 +00:00
Réda Housni Alaoui
eff289be1c
Effective email address missing from email confirmation French translation ( #26551 )
...
Signed-off-by: Réda Housni Alaoui <reda-alaoui@hey.com>
2024-01-29 11:31:14 +01:00
Stian Thorgersen
0fb6bdfcac
Cookie Provider - move remaining cookies ( #26531 )
...
Closes #26500
Signed-off-by: stianst <stianst@gmail.com>
2024-01-29 11:06:37 +01:00
dependabot[bot]
d7ed09fbea
Bump wireit from 0.14.3 to 0.14.4 in /js
...
Bumps [wireit](https://github.com/google/wireit ) from 0.14.3 to 0.14.4.
- [Changelog](https://github.com/google/wireit/blob/main/CHANGELOG.md )
- [Commits](https://github.com/google/wireit/compare/v0.14.3...v0.14.4 )
---
updated-dependencies:
- dependency-name: wireit
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-01-29 10:39:39 +01:00
dependabot[bot]
51a596dd15
Bump vitest from 1.2.1 to 1.2.2 in /js
...
Bumps [vitest](https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest ) from 1.2.1 to 1.2.2.
- [Release notes](https://github.com/vitest-dev/vitest/releases )
- [Commits](https://github.com/vitest-dev/vitest/commits/v1.2.2/packages/vitest )
---
updated-dependencies:
- dependency-name: vitest
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-01-29 10:38:24 +01:00
dependabot[bot]
9fa743bec3
Bump chai from 5.0.0 to 5.0.3 in /js ( #26518 )
...
Bumps [chai](https://github.com/chaijs/chai ) from 5.0.0 to 5.0.3.
- [Release notes](https://github.com/chaijs/chai/releases )
- [Changelog](https://github.com/chaijs/chai/blob/main/History.md )
- [Commits](https://github.com/chaijs/chai/compare/v5.0.0...v5.0.3 )
---
updated-dependencies:
- dependency-name: chai
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-29 09:36:12 +00:00
dependabot[bot]
01bb6726ea
Bump i18next from 23.7.19 to 23.8.0 in /js
...
Bumps [i18next](https://github.com/i18next/i18next ) from 23.7.19 to 23.8.0.
- [Release notes](https://github.com/i18next/i18next/releases )
- [Changelog](https://github.com/i18next/i18next/blob/master/CHANGELOG.md )
- [Commits](https://github.com/i18next/i18next/compare/v23.7.19...v23.8.0 )
---
updated-dependencies:
- dependency-name: i18next
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-01-29 10:16:53 +01:00
dependabot[bot]
39b1c830e4
Bump @types/node from 20.11.6 to 20.11.10 in /js
...
Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node ) from 20.11.6 to 20.11.10.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases )
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node )
---
updated-dependencies:
- dependency-name: "@types/node"
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-01-29 10:16:38 +01:00
dependabot[bot]
0178a91f66
Bump @faker-js/faker from 8.3.1 to 8.4.0 in /js ( #26521 )
...
Bumps [@faker-js/faker](https://github.com/faker-js/faker ) from 8.3.1 to 8.4.0.
- [Release notes](https://github.com/faker-js/faker/releases )
- [Changelog](https://github.com/faker-js/faker/blob/next/CHANGELOG.md )
- [Commits](https://github.com/faker-js/faker/compare/v8.3.1...v8.4.0 )
---
updated-dependencies:
- dependency-name: "@faker-js/faker"
dependency-type: direct:development
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-26 19:15:05 +01:00
dependabot[bot]
1db2c50512
Bump @types/node from 20.11.5 to 20.11.6 in /js ( #26480 )
...
Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node ) from 20.11.5 to 20.11.6.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases )
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node )
---
updated-dependencies:
- dependency-name: "@types/node"
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-26 19:12:17 +01:00
Lex Cao
cf3f05a259
Skip grant role if exists for federated storage ( #26508 )
...
Closes #26507
Signed-off-by: Lex Cao <lexcao@foxmail.com>
2024-01-26 17:08:47 +00:00
Fouad Almalki
b7d2010af7
Add missing Arabic translations ( #26486 )
...
Closes #26485
Signed-off-by: Fouad Almalki <me@fouad.io>
2024-01-26 10:08:02 +00:00
Stian Thorgersen
bc3c27909e
Cookie Provider ( #26499 )
...
Closes #26500
Signed-off-by: stianst <stianst@gmail.com>
2024-01-26 10:45:00 +01:00
Bruno Oliveira da Silva
3655268e4d
Ensure that the CNCF Code of Conduct are explicitly referenced at the project's README on GitHub
...
Closes #26268
Signed-off-by: Bruno Oliveira da Silva <bruno@abstractj.com>
2024-01-25 16:22:04 -03:00
dependabot[bot]
758e4e9056
Bump i18next from 23.7.18 to 23.7.19 in /js ( #26481 )
...
Bumps [i18next](https://github.com/i18next/i18next ) from 23.7.18 to 23.7.19.
- [Release notes](https://github.com/i18next/i18next/releases )
- [Changelog](https://github.com/i18next/i18next/blob/master/CHANGELOG.md )
- [Commits](https://github.com/i18next/i18next/compare/v23.7.18...v23.7.19 )
---
updated-dependencies:
- dependency-name: i18next
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-25 17:30:37 +00:00
dependabot[bot]
1f290a81f9
Bump js-sha256 from 0.10.1 to 0.11.0 in /js ( #26478 )
...
Bumps [js-sha256](https://github.com/emn178/js-sha256 ) from 0.10.1 to 0.11.0.
- [Changelog](https://github.com/emn178/js-sha256/blob/master/CHANGELOG.md )
- [Commits](https://github.com/emn178/js-sha256/compare/v0.10.1...v0.11.0 )
---
updated-dependencies:
- dependency-name: js-sha256
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-25 18:08:41 +01:00
dependabot[bot]
9fec709501
Bump vite-plugin-dts from 3.7.1 to 3.7.2 in /js ( #26482 )
...
Bumps [vite-plugin-dts](https://github.com/qmhc/vite-plugin-dts ) from 3.7.1 to 3.7.2.
- [Release notes](https://github.com/qmhc/vite-plugin-dts/releases )
- [Changelog](https://github.com/qmhc/vite-plugin-dts/blob/main/CHANGELOG.md )
- [Commits](https://github.com/qmhc/vite-plugin-dts/compare/v3.7.1...v3.7.2 )
---
updated-dependencies:
- dependency-name: vite-plugin-dts
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-25 18:07:57 +01:00
dependabot[bot]
45466a1707
Bump @testing-library/jest-dom from 6.2.1 to 6.3.0 in /js ( #26479 )
...
Bumps [@testing-library/jest-dom](https://github.com/testing-library/jest-dom ) from 6.2.1 to 6.3.0.
- [Release notes](https://github.com/testing-library/jest-dom/releases )
- [Changelog](https://github.com/testing-library/jest-dom/blob/main/CHANGELOG.md )
- [Commits](https://github.com/testing-library/jest-dom/compare/v6.2.1...v6.3.0 )
---
updated-dependencies:
- dependency-name: "@testing-library/jest-dom"
dependency-type: direct:development
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-25 18:05:28 +01:00
Marek Posolda
651d99db25
Allow selecting attributes from user profile when managing token mappers ( #26415 )
...
* Allow selecting attributes from user profile when managing token mappers
closes #24250
Signed-off-by: mposolda <mposolda@gmail.com>
Co-authored-by: Jon Koops <jonkoops@gmail.com>
2024-01-25 17:01:02 +01:00
Martin Kanis
7797f778d1
Map Store Removal: Rename legacy modules
...
Closes #24107
Signed-off-by: Martin Kanis <mkanis@redhat.com>
2024-01-25 16:29:16 +01:00
Erik Jan de Wit
28c9f98930
moved login screen to patternfly 5 ( #25340 )
...
* moved login screen to patternfly 5
Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
* added Feature flag to enable login v2
Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
* removed the old css and only include logo and background styles
Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
* changed to experimental
Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
* added login2
Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
* added windows help texts
Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
---------
Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
2024-01-25 13:45:53 +01:00
Ricardo Martin
b58f35fb47
Revert "Enable verify profile required action by default for new realms" ( #26495 )
...
This reverts commit 7f195acc14
.
Signed-off-by: rmartinc <rmartinc@redhat.com>
2024-01-25 12:28:16 +01:00
Sol Roberts
29bc02a699
fix http_tlsSecret example for operator ( #26282 )
...
Signed-off-by: BadgerOps <github@badgerops.net>
2024-01-25 11:10:56 +01:00
Stefan Wiedemann
efa6ddc41e
Create SPI and Provider for Verifiable Credentials Signing #25937 ( #26263 )
...
* implement oid4vci service interfaces
Signed-off-by: Stefan Wiedemann <wistefan@googlemail.com>
* add oid4vc to the disabled features test
Signed-off-by: Stefan Wiedemann <wistefan@googlemail.com>
* fix test and add doc
Signed-off-by: Stefan Wiedemann <wistefan@googlemail.com>
* add the new preview feature
Signed-off-by: Stefan Wiedemann <wistefan@googlemail.com>
* add class-level doc
remove wildcard imports
Signed-off-by: Stefan Wiedemann <wistefan@googlemail.com>
* add license headers
Signed-off-by: Stefan Wiedemann <wistefan@googlemail.com>
* fix year
Signed-off-by: Stefan Wiedemann <wistefan@googlemail.com>
* fix teste
Signed-off-by: Stefan Wiedemann <wistefan@googlemail.com>
* two additional test fixes
Signed-off-by: Stefan Wiedemann <wistefan@googlemail.com>
* make the feature experimental
Signed-off-by: Stefan Wiedemann <wistefan@googlemail.com>
* remove clock
Signed-off-by: Stefan Wiedemann <wistefan@googlemail.com>
* remove usage of var
Signed-off-by: Stefan Wiedemann <wistefan@googlemail.com>
* fix tests
Signed-off-by: Stefan Wiedemann <wistefan@googlemail.com>
---------
Signed-off-by: Stefan Wiedemann <wistefan@googlemail.com>
2024-01-25 07:36:28 +01:00
Stian Thorgersen
cbfdae5e75
Remove support for multiple AUTH_SESSION_ID cookies ( #26462 )
...
Closes #26457
Signed-off-by: stianst <stianst@gmail.com>
2024-01-25 06:58:42 +01:00
rmartinc
7f195acc14
Enable verify profile required action by default for new realms
...
Closes #25985
Signed-off-by: rmartinc <rmartinc@redhat.com>
2024-01-24 20:28:06 +01:00
Thomas Darimont
e7363905fa
Change password hashing defaults according to OWASP recommendations ( #16629 )
...
Changes according to the latest [OWASP cheat sheet for secure Password Storage](https://cheatsheetseries.owasp.org/cheatsheets/Password_Storage_Cheat_Sheet.html#pbkdf2 ):
- Changed default password hashing algorithm from pbkdf2-sha256 to pbkdf2-sha512
- Increased number of hash iterations for pbkdf2-sha1 from 20.000 to 1.300.000
- Increased number of hash iterations for pbkdf2-sha256 from 27.500 to 600.000
- Increased number of hash iterations for pbkdf2-sha512 from 30.000 to 210.000
- Adapt PasswordHashingTest to new defaults
- The test testBenchmarkPasswordHashingConfigurations can be used to compare the different hashing configurations.
- Document changes in changes document with note on performance and how
to keep the old behaviour.
- Log a warning at the first time when Pbkdf2PasswordHashProviderFactory is used directly
Fixes #16629
Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>
2024-01-24 18:35:51 +01:00
Stian Thorgersen
208e3a6529
Exclude ubuntu-latest (sanity-check-zip) as it is running the full zip ( #26463 )
...
Signed-off-by: stianst <stianst@gmail.com>
2024-01-24 16:48:41 +00:00
Peter Zaoral
d23383e79c
Stabilizing the FipsDistTest
...
* increased the timeout to let Keycloak stop
Closes #26374
Signed-off-by: Peter Zaoral <pzaoral@redhat.com>
2024-01-24 16:54:56 +01:00
Václav Muzikář
7a57bfb504
Fix createdAt
format in Operator CSV ( #26428 )
...
Closes #26427
Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>
2024-01-24 16:41:44 +01:00
Florian Garcia
af0b9164e3
fix: hardcoded conditional rendering of client secret input field ( #25776 )
...
Closes #22660
Signed-off-by: ImFlog <garcia.florian.perso@gmail.com>
Co-authored-by: useresd <yousifmagdi@gmail.com>
2024-01-24 16:30:22 +01:00
agagancarczyk
4061abf588
fixed bug ( #26453 )
...
Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>
Co-authored-by: Agnieszka Gancarczyk <agancarc@redhat.com>
2024-01-24 12:59:32 +00:00
Stian Thorgersen
85ddac26ed
Remove code that expires old cookie paths ( #26444 )
...
Closes #26416
Signed-off-by: stianst <stianst@gmail.com>
2024-01-24 13:43:03 +01:00
vickeybrown
86098242a5
Added Client Type feature flag to begin client type work ( #26389 )
...
* Added Client Type feature flag to begin client type work
Closes #26346
Signed-off-by: vibrown <vibrown@redhat.com>
* Fixed formatting issue
Signed-off-by: vibrown <vibrown@redhat.com>
* Updated HelpCommandDistTest messages
Signed-off-by: vibrown <vibrown@redhat.com>
* Fixed formatting on HelpCommandDistTest messages
Signed-off-by: vibrown <vibrown@redhat.com>
---------
Signed-off-by: vibrown <vibrown@redhat.com>
2024-01-24 12:07:07 +00:00
Lex Cao
142c14138f
Add verify email required action for IdP email verification
...
Closes #26418
Signed-off-by: Lex Cao <lexcao@foxmail.com>
2024-01-24 12:15:09 +01:00
Takashi Norimatsu
b99f45ed3d
Supporting EdDSA
...
closes #15714
Signed-off-by: Takashi Norimatsu <takashi.norimatsu.ws@hitachi.com>
Co-authored-by: Muhammad Zakwan Bin Mohd Zahid <muhammadzakwan.mohdzahid.fg@hitachi.com>
Co-authored-by: rmartinc <rmartinc@redhat.com>
2024-01-24 12:10:41 +01:00
Erik Jan de Wit
3b3eef2560
Added data-testid to expandable nav ( #26445 )
...
Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
2024-01-24 11:54:17 +01:00
Stian Thorgersen
fea49765f0
Remove Jetty 9.4 adapters ( #26261 )
...
Only removing the distribution of the Jetty adapter for now, and leaving the rest for now. This is due to the complexity of removing all Jetty adapter code due to Spring, OSGI, Fuse, testsuite, etc. and it will be better to leave the rest of the clean-up to after 24 when we are removing most adapters
Closes #26255
Signed-off-by: stianst <stianst@gmail.com>
2024-01-24 11:17:29 +01:00
Douglas Palmer
ee5593a88f
CVE-2022-1471- SnakeYaml remote code execution by sending malicious YAML content
...
Closes #25261
Signed-off-by: Douglas Palmer dpalmer@redhat.com
2024-01-24 11:08:17 +01:00
Peter Keuter
21bdea3b71
Groups should be clickable when user has view-access on the group ( #26033 )
...
Closes #26040
Signed-off-by: Peter Keuter <github@peterkeuter.nl>
2024-01-24 09:17:39 +00:00