libre.sh/keycloak-scim
2
0
Fork 0
Code Issues 14 Pull requests Releases Packages Activity Actions 6
25259 commits 4 branches 5 tags 480 MiB
Commit graph

666 commits

Author SHA1 Message Date
Pedro Ruivo
5c0dddd837 Batch cluster events 
Sending multiple events in a single network request should minimize
latency and traffic.

Closes #30445

Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
 2024-06-14 21:14:22 +02:00
Ryan Emerson
edde31a1ca Protobuf schema compatibility check (maven plugin) 
Closes #30243

Signed-off-by: Ryan Emerson <remerson@redhat.com>
 2024-06-14 17:46:58 +02:00
Pedro Ruivo
1b342e4c07 Fix compilation error 
Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
 2024-06-13 16:44:56 -03:00
Pedro Ruivo
18a6c79011
Infinispan Protostream Marshaller (#29474) 
Closes #29394

Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
 2024-06-13 18:02:46 +02:00
vramik
8f72a77582 getByMember 
Signed-off-by: vramik <vramik@redhat.com>
 2024-06-13 08:13:36 -03:00
vramik
de2fdbe98f cache count 
Signed-off-by: vramik <vramik@redhat.com>
 2024-06-13 08:13:36 -03:00
vramik
78eee0b145 rename jpaOrgDelegate to orgDelegate 
Signed-off-by: vramik <vramik@redhat.com>
 2024-06-13 08:13:36 -03:00
vramik
d355e38424 Provide a cache layer for the organization model 
Closes #30087

Signed-off-by: vramik <vramik@redhat.com>
 2024-06-13 08:13:36 -03:00
Giuseppe Graziano
6067f93984
Improvements to refresh token rotation with multiple tabs (#29966) 
Closes #14122

Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>
 2024-06-07 12:02:36 +02:00
Alexander Schwartz
1f6c939efd
Ignore unknown realms when migrating sessions (#30041) 2024-06-03 10:43:16 +02:00
mposolda
ea1cdc10bd MigrateTo25_0_0 does not complete within default transaction timeout 
closes #29756

Signed-off-by: mposolda <mposolda@gmail.com>
 2024-05-27 10:31:39 +02:00
Alexander Schwartz
c6e071cf07
Clear entries in remote caches and force events on the remote site (#29597) 
Closes #29592

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2024-05-23 14:47:32 +02:00
Thomas Darimont
ab376d9101 Make required actions configurable (#28400) 
- Add tests for crud operations on configurable required actions
- Add support exposing the required action configuration via RequiredActionContext
- Make configSaveError message reusable in other contexts
- Introduced admin-ui specific endpoint for retrieving required actions with config metadata

Fixes #28400

Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>
Co-authored-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
 2024-05-23 08:38:36 +02:00
vramik
55bf4feebc Disable identity provider at the realm level when an organization is disabled 
Closes #29483

Signed-off-by: vramik <vramik@redhat.com>
 2024-05-22 07:58:26 -03:00
vramik
278341aff9 Add organizations enabled/disabled capability 
Closes #28804

Signed-off-by: vramik <vramik@redhat.com>
 2024-05-22 07:58:26 -03:00
Alexander Schwartz
80de3a0a71
Allow migration of non-persistent sessions to persistent sessions 
Closes #29375

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2024-05-22 10:30:46 +02:00
rmartinc
f7044ba5c2 Use SessionExpirationUtils for validate user and client sessions 
Check client session is valid in TokenManager
Closes #24936

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2024-05-22 10:12:20 +02:00
Dimitri Papadopoulos Orfanos
64a145e960
Fix user-facing typos in error messages (#29326) 
Update resource file and tests accordingly

Signed-off-by: Dimitri Papadopoulos <3234522+DimitriPapadopoulos@users.noreply.github.com>
 2024-05-16 09:55:41 +02:00
Alexander Schwartz
673e122443 Avoid sorting items returned from the database which are already stable 
Closes #29319

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2024-05-13 16:15:38 +02:00
Alexander Schwartz
6cc8d653f3 Make SessionWrapper related fields immutable that are part of the equals method 
The cache replace logic depends on it, as values returned by reference from a local cache must never be modified on those critical fields directly.

Closes #28906

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2024-05-13 09:59:50 +02:00
Alexander Schwartz
eaeffe95ac
Avoid conflicts when writing to session stores by checking for concurrent requests within the JVM (#29393) 
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Signed-off-by: Michal Hajas <mhajas@redhat.com>
Co-authored-by: Michal Hajas <mhajas@redhat.com>
 2024-05-09 08:24:43 +00:00
Pedro Ruivo
cbce548e71 Infinispan 15.0.3.Final 
Closes #29068

Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
 2024-05-08 17:18:39 +02:00
Alice W
584e92aaba Add support for organizational invites to new and existing users based on tokens 
Signed-off-by: Alice W <105500542+alice-wondered@users.noreply.github.com>
 2024-05-06 17:57:13 -03:00
Dimitri Papadopoulos Orfanos
cd8e0fd333
Fix user-facing typos in Javadoc (#28971) 
Signed-off-by: Dimitri Papadopoulos <3234522+DimitriPapadopoulos@users.noreply.github.com>
Co-authored-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
 2024-05-06 18:57:55 +00:00
Stefan Guilhen
dae1eada3d Add enabled field to OrganizationEntity 
Closes #28891

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
 2024-05-06 14:46:56 -03:00
Pedro Ruivo
4c6f3ce35d Remove unused code from model/infinispan module 
Closes #29137

Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
 2024-05-06 18:53:23 +02:00
Pedro Ruivo
fe5bed6191
Retry fetching event from remote cache 
Closes #28303

Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
 2024-05-06 17:27:07 +02:00
Michal Hajas
128bba34d3 Remove PERSISTENT_USER_SESSIONS_No_CACHE feature 
Closes #29264

Signed-off-by: Michal Hajas <mhajas@redhat.com>
 2024-05-06 08:53:39 +02:00
Michal Hajas
8b715d3a31 Do not use LastSessionRefreshPersister with persistent user sessions enabled 
Closes #29144

Signed-off-by: Michal Hajas <mhajas@redhat.com>
 2024-05-06 08:49:48 +02:00
Pedro Ruivo
82a959fa78 Remove WildFly Clustering Marshaller 
Closes #29135

Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
 2024-05-03 12:31:47 +02:00
Alexander Schwartz
05b6f897ce
Execute persistent sessions tests in CI and fix deadlock (#29236) 
* Execute persistent sessions tests in CI and fix deadlock in UserSessionConcurrencyTest 
The deadlock was caused by a switch to reactive handling of embedded Infinispan updates introduced here #28862
Closes #29235

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2024-05-03 10:42:34 +02:00
Michal Hajas
e93b7d4f3a
Use computeIfPresent also for Persistent sessions 
Follow-up-on #29073

Signed-off-by: Michal Hajas <mhajas@redhat.com>
 2024-05-02 16:43:54 +00:00
Stefan Guilhen
45e5e6cbbf Introduce filtered (and paginated) search for organization members 
Closes #28844

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
 2024-05-02 11:25:43 -03:00
Michal Hajas
4c17c6107e Merge offline and online sessions transactions 
Closes #29139
Signed-off-by: Michal Hajas <mhajas@redhat.com>
 2024-04-30 18:03:17 +02:00
Michal Hajas
7c427e8d38 Remove offline sessions timeouts adjusters as with persistent session we have bounded caches and it is no longer necessary to adjust time in caches 
Closes #29140
Signed-off-by: Michal Hajas <mhajas@redhat.com>
 2024-04-30 18:03:17 +02:00
Alexander Schwartz
d69872fa11
Batch writes originating from logins/logouts for persistent sessions 
All writes for the sessions are handled by a background thread which batches them.

Closes #28862

Wait for persistent-store to contain update
instead of cache which has the change immediately since it is in memory + introduce new model-test profile

Closes #29141

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Signed-off-by: Michal Hajas <mhajas@redhat.com>
Co-authored-by: Michal Hajas <mhajas@redhat.com>
 2024-04-30 14:07:35 +02:00
Pedro Ruivo
17a700b6b9 Use cache.compute() method to improve the replace retry loop 
Closes #29073

Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
 2024-04-29 12:24:33 +02:00
Pedro Ruivo
3de5357091 CLI options to disable encryption and authentication to external Infinispan 
Closes #28750

Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
 2024-04-20 18:30:24 +02:00
Pedro Ruivo
3e0a185070 Remove deprecated EnvironmentDependentProviderFactory.isSupported method 
Closes #26280

Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
 2024-04-19 16:36:49 +02:00
Alexander Schwartz
13af4f44f5
Defer updates of last session updates and batch them (#28502) 
Defer updates of last session refreshes and batch them

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Signed-off-by: Michal Hajas <mhajas@redhat.com>
Co-authored-by: Michal Hajas <mhajas@redhat.com>
 2024-04-17 09:25:05 +02:00
Martin Kanis
f764a9cb4a NPE when listing sessions in UI if associated user is gone 
Closes #28801

Signed-off-by: Martin Kanis <mkanis@redhat.com>
 2024-04-16 11:53:36 -03:00
Pedro Ruivo
2494ad6950 Refactor and remove deprecated Infinispan methods from DefaultInfinispanConnectionProviderFactory 
Closes #28752

Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
 2024-04-16 10:51:57 +02:00
Alexander Schwartz
004f419fd0 Leave a tombstone after the deletion of a cache entry 
This captures the scenario of multiple deletion calls in the current session.

Closes #28672

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2024-04-12 17:00:19 +02:00
Alexander Schwartz
b4cfebd8d5
Persistent sessions code also for offline sessions (#28319) 
Persistent sessions code also for offline sessions

Closes #28318

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2024-04-12 13:15:02 +02:00
rmartinc
6d74e6b289 Escape slashes in full group path representation but disabled by default 
Closes #23900

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2024-04-12 10:53:39 +02:00
Douglas Palmer
69ba92808d DefaultBruteForceProtector leverages a single thread to write success/failed events 
Closes #14084

Signed-off-by: Douglas Palmer <dpalmer@redhat.com>
 2024-04-12 09:53:40 +02:00
Michal Hajas
1bb5e14134 Use ReentrantLock instead of synchronized to avoid thread pinning 
+ since the runSerialized mechanism is currently on the best effort basis it is possible there are concurrent executions if T1 obtained a lock T2 removed the lock and T3 created a new lock before T1 called putIfAbsent therefore I added a debug log detecting this situation

Signed-off-by: Michal Hajas <mhajas@redhat.com>
 2024-04-09 14:55:21 +02:00
Alexander Schwartz
355901dfd8 Add a back-off period when replacing cache entries fails 
Closes #28388

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2024-04-09 14:55:21 +02:00
Alexander Schwartz
63e7523a6d Avoid unnecessary updates to the sessions during refreshes of tokens 
Closes #28388

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2024-04-09 14:55:21 +02:00
Alexander Schwartz
dc18bd4efb Avoid conflicts when writing to session stores by checking for concurrent requests within the JVM 
Closes #28388

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2024-04-09 14:55:21 +02:00