mposolda
a0192d61cc
Redirect loop with authentication success but access denied at default identity provider
...
closes #17441
2023-03-06 10:45:01 +01:00
Michal Hajas
465019bec4
Extract attachDevice outside of storage layer
...
Closes #17336
2023-03-03 17:58:34 +01:00
Zakaria Amine
fb5a7f654b
trigger IDENTITY_PROVIDER_FIRST_LOGIN (and UPDATE_PROFILE ) event when identity provider flow succeeds ( #15100 )
...
closes #15098
2023-03-03 17:49:27 +01:00
Jon Koops
6d2e57f93a
Move Keycloak JS into the NPM workspace ( #17401 )
2023-03-03 13:56:53 +01:00
Jon Koops
972ebb9650
Use a valid SemVer format for the SNAPSHOT version ( #17334 )
...
* Use a valid SemVer format for the SNAPSHOT version
* Update pom.xml
* Update pom.xml
---------
Co-authored-by: Stian Thorgersen <stianst@gmail.com>
Co-authored-by: Stian Thorgersen <stian@redhat.com>
2023-03-03 11:11:44 +01:00
Alexander Schwartz
1e4401f521
Avoid returning the same entity multiple times from separate searches
...
Closes #15604
2023-03-02 08:21:38 +01:00
mposolda
b28bde542f
referrer_url is not correctly computed in account console
...
closes #16484
2023-03-01 20:49:15 +01:00
Marek Posolda
59f4fe1c60
NPE on Theme after upgrade to 21 when parent or import theme not exists ( #17350 )
...
* NPE on Theme after upgrade to 21 when parent or import theme not exists
closes #17313
* Update per review
2023-03-01 15:46:37 +00:00
rmartinc
5cdf4d5791
Read-Only attributes should be modified if creation is delayed for LDAP
...
Closes https://github.com/keycloak/keycloak/issues/16848
2023-03-01 11:26:57 +01:00
Pedro Igor
fbf5541802
Remove duplicated set-cookie header from response when expiring cookies
...
Closes #17192
2023-02-27 14:17:27 -03:00
lpa
3cd413dee1
SOAP backchannel logout for SAML protocol
...
Closes #16293
2023-02-27 14:24:12 +01:00
rmartinc
38a46726e4
Implement UserInfoTokenMapper in HardcodedRole and RoleNameMapper mappers
...
Closes https://github.com/keycloak/keycloak/issues/15624
2023-02-27 10:14:48 -03:00
Miquel Simon
923a321a55
Run WebAuthn IT with Chrome. ( #17256 )
2023-02-23 20:58:13 +00:00
Václav Muzikář
557a22968c
Stabilize Account Console UI tests ( #17243 )
...
Closes #17178
Closes #17102
Closes #17070
Closes #17045
Closes #17044
Closes #16875
Closes #16870
Closes #16715
Closes #16670
Closes #16646
Closes #16627
Closes #16620
2023-02-23 12:35:08 +01:00
Marek Posolda
b9ab942ef8
FIPS related docs ( #17196 )
...
* FIPS related docs
Closes #16444 #12432 #12429
Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
2023-02-22 12:47:15 +01:00
rmartinc
f91ac2970d
Polish fips-mode switch for preview ( #17228 )
...
* Polish fips-mode switch for preview
Closes #17208 #17210
Co-authored-by: mposolda <mposolda@gmail.com>
2023-02-22 12:12:52 +01:00
mposolda
5ac8f7c1ef
Link 'Sign out' incorrectly hardcoded to localhost in the authz example applications
...
closes #17216
2023-02-21 15:49:20 +01:00
drohwer89
4ff180da64
Terminating all sessions above the session limit ( #16068 )
...
Adjusts implementation of UserSessionLimitsAuthenticator to terminate all sessions above the session limit.
Closes #14689
Co-authored-by: Marek Posolda <mposolda@gmail.com>
2023-02-16 17:56:59 +01:00
rmartinc
9995a3cdd4
lastSync value into COMPONENT_CONFIG is always updated
...
Closes https://github.com/keycloak/keycloak/issues/17022
2023-02-16 17:48:49 +01:00
mposolda
4f068fcdcc
Make https-trust-store-type set to bcfks by default in strict-mode
...
Closes #17119
2023-02-16 08:00:21 -03:00
sui.jieqiang
1f6fa0501c
Fix search user groups without limit
...
Closes #12649
2023-02-15 15:50:46 +01:00
rmartinc
fbc9177f27
Doublecheck if we need to override properties in java.security
...
Closes https://github.com/keycloak/keycloak/issues/16702
2023-02-15 12:33:48 +01:00
vramik
7b604d6784
Sync properties in map-storage-jpa-cocroach
with other profiles
...
Closes #17107
2023-02-15 10:49:22 +01:00
Hynek Mlnarik
bb0eb899a7
Add ability to run arq testsuite with file store
...
Fixes : #17032
2023-02-15 10:17:23 +01:00
Pedro Igor
9e46b9e43f
Handling events after transaction completion using a separate session
...
Closes #15656
2023-02-14 13:10:57 +01:00
Václav Muzikář
a57821ed80
Fix JDK 17 InaccessibleObjectException with infinispan
2023-02-13 17:09:36 -03:00
Miquel Simon
48a22ff2f3
Added WebAuthn integration tests to CI workflow. ( #16608 )
2023-02-13 12:28:25 +00:00
laskasn
dc8b759c3d
Use encryption keys rather than sig for crypto in SAML
...
Closes #13606
Co-authored-by: mhajas <mhajas@redhat.com>
Co-authored-by: hmlnarik <hmlnarik@redhat.com>
2023-02-10 12:06:49 +01:00
Marek Posolda
9cfc1fdfa9
Reduce the redundant tests in fips-suite ( #16970 )
...
Closes #16969
2023-02-09 12:21:33 +01:00
Pedro Igor
017ddc670b
Removing references to old admin console test artifacts
2023-02-08 17:22:45 -03:00
Pedro Igor
423fc6daba
Flaky test KcOidcBrokerTokenExchangeTest ( #16914 )
...
Closes #16896
2023-02-08 14:49:49 +00:00
Dmitry Telegin
5f39aeb590
Pre-authorization hook for client policies
...
Closes #9017
2023-02-08 15:06:32 +01:00
Michal Hajas
6fa62e47db
Leverage HotRod client provided transaction
...
Closes #13280
2023-02-08 10:26:30 +01:00
Stian Thorgersen
d3ba2ecbed
Remove old admin console theme ( #16864 )
...
Closes #16862
2023-02-08 09:22:39 +01:00
Stian Thorgersen
4782a85166
Remove old admin console feature ( #16861 )
...
* Remove old admin console feature
Closes #16860
* Update help txt files for Quarkus tests
2023-02-07 12:59:35 +01:00
Pedro Igor
7b58783255
Allow mapping claims to user attributes when exchanging tokens
...
Closes #8833
2023-02-07 10:57:35 +01:00
Thomas Darimont
e38b7adf92
Revise blacklist password policy provider #8982
...
- Reduce false positive probability from 1% to 0.01% to avoid
rejecting to many actually good passwords.
- Make false positive rate configurable via spi config
- Revised log messages
Supported syntax variant:
`passwordBlacklist(wordlistFilename)`
Fixes #8982
Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>
2023-02-07 10:36:39 +01:00
Martin Kanis
5ba004b447
Leverage Infinispan lifespan for ExpirableEntities in HotRod storage
2023-02-07 10:01:32 +01:00
Stian Thorgersen
fc075a3d35
Remove old admin console tests ( #16859 )
...
Closes #16858
2023-02-07 08:51:36 +01:00
Denis Bernard
5db64133b8
Add Attribute to Group Mapper for SAML IDP
...
Cleansing code as PR Comment
Add test for Advanced Attribute to Group Mapper
Closes #12950
2023-02-06 10:58:48 -03:00
Pedro Igor
1a1ee78dbd
Removing tests from base group broker mapper test classes
2023-02-06 10:58:48 -03:00
Pedro Igor
d97b9c48c4
Make sure PBKDF2 providers are using the expect size for derived keys ( #16798 )
...
Closes #16797
2023-02-03 15:31:25 +01:00
rmartinc
f8f112d8d2
Upgrade twitter4j ( #16828 )
...
Closes https://github.com/keycloak/keycloak/issues/16731
2023-02-03 15:28:37 +01:00
mposolda
0e374c7a45
Any tests using PhantomJS failing in some linux environments
...
closes #16818
2023-02-03 15:19:57 +01:00
Stian Thorgersen
0fa209c29a
WelcomeScreenTest#resourcesTest ( #16761 )
...
* Fix WelcomeScreenTest#resourcesTest
Closes #16669
* Add one more retry
2023-02-03 09:41:48 +01:00
Marek Posolda
51bed81814
Fixes for OOB endpoint and KeycloakSanitizer ( #16773 )
...
(cherry picked from commit 91ac2fb9dd50808ff5c76d639594ba14a8d0d016)
2023-02-02 08:34:50 +01:00
Pedro Igor
e3c41ec3a0
Ignoring test methods from parent classes
...
Closes #15687
2023-02-01 14:58:03 -08:00
Stian Thorgersen
d9025231f9
HTML Injection in Keycloak Admin REST API ( #16765 )
...
Resolves #GHSA-m4fv-gm5m-4725
Co-authored-by: Martin Bartoš <mabartos@redhat.com>
2023-02-01 14:34:15 +01:00
Marek Posolda
33ff9ef17e
Fix remaining failing tests with BCFIPS approved mode ( #16699 )
...
* Fix remaining failing tests with BCFIPS approved mode
Closes #16698
2023-01-30 16:01:57 +01:00
mposolda
7f017f540e
BCFIPS approved mode: Some tests failing due the short secret for client-secret-jwt client authentication
...
Closes #16678
2023-01-30 08:40:46 +01:00