keycloak-scim

Author	SHA1	Message	Date
rmartinc	7f195acc14	Enable verify profile required action by default for new realms Closes #25985 Signed-off-by: rmartinc <rmartinc@redhat.com>	2024-01-24 20:28:06 +01:00
Thomas Darimont	e7363905fa	Change password hashing defaults according to OWASP recommendations (#16629 ) Changes according to the latest [OWASP cheat sheet for secure Password Storage](https://cheatsheetseries.owasp.org/cheatsheets/Password_Storage_Cheat_Sheet.html#pbkdf2): - Changed default password hashing algorithm from pbkdf2-sha256 to pbkdf2-sha512 - Increased number of hash iterations for pbkdf2-sha1 from 20.000 to 1.300.000 - Increased number of hash iterations for pbkdf2-sha256 from 27.500 to 600.000 - Increased number of hash iterations for pbkdf2-sha512 from 30.000 to 210.000 - Adapt PasswordHashingTest to new defaults - The test testBenchmarkPasswordHashingConfigurations can be used to compare the different hashing configurations. - Document changes in changes document with note on performance and how to keep the old behaviour. - Log a warning at the first time when Pbkdf2PasswordHashProviderFactory is used directly Fixes #16629 Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>	2024-01-24 18:35:51 +01:00
Stian Thorgersen	208e3a6529	Exclude ubuntu-latest (sanity-check-zip) as it is running the full zip (#26463 ) Signed-off-by: stianst <stianst@gmail.com>	2024-01-24 16:48:41 +00:00
Peter Zaoral	d23383e79c	Stabilizing the FipsDistTest * increased the timeout to let Keycloak stop Closes #26374 Signed-off-by: Peter Zaoral <pzaoral@redhat.com>	2024-01-24 16:54:56 +01:00
Václav Muzikář	7a57bfb504	Fix `createdAt` format in Operator CSV (#26428 ) Closes #26427 Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>	2024-01-24 16:41:44 +01:00
Florian Garcia	af0b9164e3	fix: hardcoded conditional rendering of client secret input field (#25776 ) Closes #22660 Signed-off-by: ImFlog <garcia.florian.perso@gmail.com> Co-authored-by: useresd <yousifmagdi@gmail.com>	2024-01-24 16:30:22 +01:00
agagancarczyk	4061abf588	fixed bug (#26453 ) Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com> Co-authored-by: Agnieszka Gancarczyk <agancarc@redhat.com>	2024-01-24 12:59:32 +00:00
Stian Thorgersen	85ddac26ed	Remove code that expires old cookie paths (#26444 ) Closes #26416 Signed-off-by: stianst <stianst@gmail.com>	2024-01-24 13:43:03 +01:00
vickeybrown	86098242a5	Added Client Type feature flag to begin client type work (#26389 ) * Added Client Type feature flag to begin client type work Closes #26346 Signed-off-by: vibrown <vibrown@redhat.com> * Fixed formatting issue Signed-off-by: vibrown <vibrown@redhat.com> * Updated HelpCommandDistTest messages Signed-off-by: vibrown <vibrown@redhat.com> * Fixed formatting on HelpCommandDistTest messages Signed-off-by: vibrown <vibrown@redhat.com> --------- Signed-off-by: vibrown <vibrown@redhat.com>	2024-01-24 12:07:07 +00:00
Lex Cao	142c14138f	Add verify email required action for IdP email verification Closes #26418 Signed-off-by: Lex Cao <lexcao@foxmail.com>	2024-01-24 12:15:09 +01:00
Takashi Norimatsu	b99f45ed3d	Supporting EdDSA closes #15714 Signed-off-by: Takashi Norimatsu <takashi.norimatsu.ws@hitachi.com> Co-authored-by: Muhammad Zakwan Bin Mohd Zahid <muhammadzakwan.mohdzahid.fg@hitachi.com> Co-authored-by: rmartinc <rmartinc@redhat.com>	2024-01-24 12:10:41 +01:00
Erik Jan de Wit	3b3eef2560	Added data-testid to expandable nav (#26445 ) Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>	2024-01-24 11:54:17 +01:00
Stian Thorgersen	fea49765f0	Remove Jetty 9.4 adapters (#26261 ) Only removing the distribution of the Jetty adapter for now, and leaving the rest for now. This is due to the complexity of removing all Jetty adapter code due to Spring, OSGI, Fuse, testsuite, etc. and it will be better to leave the rest of the clean-up to after 24 when we are removing most adapters Closes #26255 Signed-off-by: stianst <stianst@gmail.com>	2024-01-24 11:17:29 +01:00
Douglas Palmer	ee5593a88f	CVE-2022-1471- SnakeYaml remote code execution by sending malicious YAML content Closes #25261 Signed-off-by: Douglas Palmer dpalmer@redhat.com	2024-01-24 11:08:17 +01:00
Peter Keuter	21bdea3b71	Groups should be clickable when user has view-access on the group (#26033 ) Closes #26040 Signed-off-by: Peter Keuter <github@peterkeuter.nl>	2024-01-24 09:17:39 +00:00
Peter Keuter	a0bcf35236	fix: check actual subgroup rights when clicking a subgroup (#26230 ) Signed-off-by: Peter Keuter <github@peterkeuter.nl>	2024-01-24 07:30:47 +00:00
agagancarczyk	00fdb8e2f5	Fixed dropdown form in clients authorization policies tab (#26424 ) * fixed dropdown forms in clients authorization Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com> * improved translations Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com> * improved Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com> --------- Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com> Co-authored-by: Agnieszka Gancarczyk <agancarc@redhat.com>	2024-01-24 07:49:27 +01:00
Steven Hawkins	93e90789fe	fix: auto-build not needed for build (#26099 ) closes #26075 Signed-off-by: Steve Hawkins <shawkins@redhat.com>	2024-01-23 17:56:34 +01:00
Jon Koops	ea5888ef38	Add missing translations for WebAuthN Passwordless in Account Console (#26421 ) Closes #26420 Signed-off-by: Jon Koops <jonkoops@gmail.com>	2024-01-23 16:00:12 +00:00
Martin Kanis	84603a9363	Map Store Removal: Rename Legacy* classes (#26273 ) Closes #24105 Signed-off-by: Martin Kanis <mkanis@redhat.com>	2024-01-23 13:50:31 +00:00
Jon Koops	5bf2d4b6ec	Enable PKCE by default for Keycloak JS (#26412 ) Closes #26411 Signed-off-by: Jon Koops <jonkoops@gmail.com>	2024-01-23 14:04:13 +01:00
Thomas Darimont	cc7d6a9b79	Improve wording for Concepts for configuring thread pools in docs Closes #26402 Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com> Signed-off-by: Alexander Schwartz <aschwart@redhat.com> Co-authored-by: Alexander Schwartz <aschwart@redhat.com>	2024-01-23 12:56:55 +00:00
agagancarczyk	662c705d66	fixed typo (#26408 ) Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com> Co-authored-by: Agnieszka Gancarczyk <agancarc@redhat.com>	2024-01-23 11:22:23 +00:00
Jon Koops	4c5bf596aa	Ensure `key` prop of credentials list is unique (#26410 ) Closes #26409 Signed-off-by: Jon Koops <jonkoops@gmail.com>	2024-01-23 11:08:20 +00:00
agagancarczyk	73e5c8290f	Fixed a11y violations and typos in translations for messages in the dialog message for disabling clients. (#26395 ) * fixed critical violations Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com> * fixed more a11y violations Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com> * renamed translation Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com> * added area-label Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com> * added area-label Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com> * renamed spinners translation Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com> --------- Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com> Co-authored-by: Agnieszka Gancarczyk <agancarc@redhat.com>	2024-01-23 09:28:50 +00:00
Peter Zaoral	d9f8a1bf4e	Testing Keycloak with nightly Quarkus releases (#23407 ) Closes #23322 Signed-off-by: Peter Zaoral <pzaoral@redhat.com>	2024-01-23 09:43:31 +01:00
dependabot[bot]	35d2be9468	Bump @typescript-eslint/parser from 6.19.0 to 6.19.1 in /js Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) from 6.19.0 to 6.19.1. - [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases) - [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md) - [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v6.19.1/packages/parser) --- updated-dependencies: - dependency-name: "@typescript-eslint/parser" dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2024-01-23 08:11:55 +01:00
dependabot[bot]	6f00b7d280	Bump @testing-library/jest-dom from 6.2.0 to 6.2.1 in /js Bumps [@testing-library/jest-dom](https://github.com/testing-library/jest-dom) from 6.2.0 to 6.2.1. - [Release notes](https://github.com/testing-library/jest-dom/releases) - [Changelog](https://github.com/testing-library/jest-dom/blob/main/CHANGELOG.md) - [Commits](https://github.com/testing-library/jest-dom/compare/v6.2.0...v6.2.1) --- updated-dependencies: - dependency-name: "@testing-library/jest-dom" dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2024-01-23 07:53:53 +01:00
dependabot[bot]	6f290eafa0	Bump @typescript-eslint/eslint-plugin from 6.19.0 to 6.19.1 in /js Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) from 6.19.0 to 6.19.1. - [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases) - [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md) - [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v6.19.1/packages/eslint-plugin) --- updated-dependencies: - dependency-name: "@typescript-eslint/eslint-plugin" dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2024-01-23 07:53:24 +01:00
Sebastian Schuster	8807562593	Make role mapping tab visible with view user permissions (#26386 ) Co-authored-by: Salem Wafi <32916450+SalemWafi@users.noreply.github.com> Signed-off-by: Sebastian Schuster <sebastian.schuster@bosch.io>	2024-01-22 17:06:25 +01:00
Jon Koops	03b03f3ccd	Add missing translations for WebAuthN in Account Console (#26384 ) Closes #26383 Signed-off-by: Jon Koops <jonkoops@gmail.com>	2024-01-22 16:04:22 +00:00
agagancarczyk	43053b8a82	Fixed translation for search box in clients authorization policies tab (#26387 ) * resolved conflict Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com> * resolved conflict Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com> --------- Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com> Co-authored-by: Agnieszka Gancarczyk <agancarc@redhat.com>	2024-01-22 16:10:37 +01:00
agagancarczyk	37e0f8f92b	Fixed resource and permission names and tooltip message (#26385 ) * fixed typo Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com> * renamed key Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com> --------- Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com> Co-authored-by: Agnieszka Gancarczyk <agancarc@redhat.com>	2024-01-22 15:47:18 +01:00
agagancarczyk	4a49759aa0	More a11y fixes (#26344 ) * fixed a11y violations Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com> * fixed more a11y violations Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com> * a11y fixes Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com> * fixed a11y violations Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com> * fixed more a11y violations Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com> --------- Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com> Co-authored-by: Agnieszka Gancarczyk <agancarc@redhat.com>	2024-01-22 08:04:27 -05:00
Douglas Palmer	ffa069a33b	Invalidate authentication session on repeated Recovery Code failures Closes #26180 Signed-off-by: Douglas Palmer <dpalmer@redhat.com>	2024-01-22 11:57:47 +01:00
Zhikai Chen	359ccc060d	Update Chinese Translation (#26297 ) Closes #26295 Signed-off-by: zhikaichen <czk1997@gmail.com>	2024-01-22 11:26:36 +01:00
Alexander Schwartz	e6cd9a2987	Remove product specific content about Linux only (#26222 ) Closes #26220 Signed-off-by: Alexander Schwartz <aschwart@redhat.com>	2024-01-22 10:38:07 +01:00
dependabot[bot]	e4910b350e	Bump rollup from 4.9.5 to 4.9.6 in /js (#26370 ) Bumps [rollup](https://github.com/rollup/rollup) from 4.9.5 to 4.9.6. - [Release notes](https://github.com/rollup/rollup/releases) - [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md) - [Commits](https://github.com/rollup/rollup/compare/v4.9.5...v4.9.6) --- updated-dependencies: - dependency-name: rollup dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2024-01-22 09:07:11 +00:00
dependabot[bot]	cbd90588e4	Bump rollup (#26371 ) Bumps [rollup](https://github.com/rollup/rollup) from 4.9.5 to 4.9.6. - [Release notes](https://github.com/rollup/rollup/releases) - [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md) - [Commits](https://github.com/rollup/rollup/compare/v4.9.5...v4.9.6) --- updated-dependencies: - dependency-name: rollup dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2024-01-22 09:47:47 +01:00
dependabot[bot]	01da3db357	Bump react-i18next from 14.0.0 to 14.0.1 in /js Bumps [react-i18next](https://github.com/i18next/react-i18next) from 14.0.0 to 14.0.1. - [Changelog](https://github.com/i18next/react-i18next/blob/master/CHANGELOG.md) - [Commits](https://github.com/i18next/react-i18next/compare/v14.0.0...v14.0.1) --- updated-dependencies: - dependency-name: react-i18next dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2024-01-22 09:46:59 +01:00
Erik Jan de Wit	37790c7956	Add a way to extend the UI with an Java API (#23772 ) * POC to see how we could extend the UI This is very crude and there are still open issues that need to be worked out Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com> * added saving option Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com> * added list and recreate client form Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com> * add tab ui Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com> * integrate tabs Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com> * remove examples Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com> * fixed error messages Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com> * added Feature for ui customization Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com> --------- Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>	2024-01-22 08:19:58 +00:00
dependabot[bot]	96c882447d	Bump @playwright/test from 1.41.0 to 1.41.1 in /js Bumps [@playwright/test](https://github.com/microsoft/playwright) from 1.41.0 to 1.41.1. - [Release notes](https://github.com/microsoft/playwright/releases) - [Commits](https://github.com/microsoft/playwright/compare/v1.41.0...v1.41.1) --- updated-dependencies: - dependency-name: "@playwright/test" dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2024-01-22 09:15:56 +01:00
dependabot[bot]	a6cef9d3af	Bump jsdom from 23.2.0 to 24.0.0 in /js Bumps [jsdom](https://github.com/jsdom/jsdom) from 23.2.0 to 24.0.0. - [Release notes](https://github.com/jsdom/jsdom/releases) - [Changelog](https://github.com/jsdom/jsdom/blob/main/Changelog.md) - [Commits](https://github.com/jsdom/jsdom/compare/23.2.0...24.0.0) --- updated-dependencies: - dependency-name: jsdom dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>	2024-01-22 09:15:31 +01:00
dependabot[bot]	2bf805ae34	Bump i18next from 23.7.16 to 23.7.18 in /js Bumps [i18next](https://github.com/i18next/i18next) from 23.7.16 to 23.7.18. - [Release notes](https://github.com/i18next/i18next/releases) - [Changelog](https://github.com/i18next/i18next/blob/master/CHANGELOG.md) - [Commits](https://github.com/i18next/i18next/compare/v23.7.16...v23.7.18) --- updated-dependencies: - dependency-name: i18next dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2024-01-22 09:14:58 +01:00
dependabot[bot]	afbf5c6af8	Bump vite from 5.0.11 to 5.0.12 in /js Bumps [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) from 5.0.11 to 5.0.12. - [Release notes](https://github.com/vitejs/vite/releases) - [Changelog](https://github.com/vitejs/vite/blob/v5.0.12/packages/vite/CHANGELOG.md) - [Commits](https://github.com/vitejs/vite/commits/v5.0.12/packages/vite) --- updated-dependencies: - dependency-name: vite dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2024-01-22 09:14:07 +01:00
Stian Thorgersen	656e680019	Remove unused HttpResponse.setWriteCookiesOnTransactionComplete (#26326 ) Closes #26325 Signed-off-by: stianst <stianst@gmail.com>	2024-01-20 11:31:10 +01:00
Martin Bartoš	98be32d9ff	Parse default UserProfile configuration in the build time Closes #24890 Signed-off-by: Martin Bartoš <mabartos@redhat.com>	2024-01-19 17:05:59 -03:00
Douglas Palmer	e7d842ea32	Invalidate session secretly Signed-off-by: Douglas Palmer <dpalmer@redhat.com>	2024-01-19 15:44:35 -03:00
Douglas Palmer	18d0105de0	Invalidate authentication session on repeated OTP failures Closes #26177 Signed-off-by: Douglas Palmer <dpalmer@redhat.com>	2024-01-19 15:44:35 -03:00
Jon Koops	972d198c45	Fix broken flow binding dialog (#26336 ) Closes #26335 Signed-off-by: Jon Koops <jonkoops@gmail.com>	2024-01-19 14:41:29 +01:00

... 3 4 5 6 7 ...

24051 commits