Commit graph

23949 commits

Author SHA1 Message Date
agagancarczyk
f173c87e34
changed messages (#26633)
Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>
Co-authored-by: Agnieszka Gancarczyk <agancarc@redhat.com>
2024-01-31 12:09:41 +00:00
Stefan Gries
e988e4f135
Implement case-insensitive comparison for search on provider info page (#26590)
Helps users to find the providers they are searching for without knowing how it is spelled internally.

Fixes #26589

Signed-off-by: Stefan Gries <stefan.gries@codecentric.de>
2024-01-31 12:06:28 +00:00
Václav Muzikář
4096a2657e
Supported option to specify site name for multi-site deployments
Closes #26460

Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
2024-01-31 11:52:19 +00:00
Stian Thorgersen
b9044f5e11
Update teams and areas (#26624)
Signed-off-by: stianst <stianst@gmail.com>
2024-01-31 12:33:54 +01:00
mposolda
10ba70c972 Possibility to email being not required
closes #26552

Signed-off-by: mposolda <mposolda@gmail.com>

Co-authored-by: Jon Koops <jonkoops@gmail.com>
2024-01-31 10:57:10 +01:00
Steven Hawkins
b41e2f82c4
fix: completely removing problematic assertion (#26613)
closes: #26529

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
2024-01-31 10:19:14 +01:00
dependabot[bot]
983e2c7033
Bump reactflow from 11.10.2 to 11.10.3 in /js (#26519)
Bumps [reactflow](https://github.com/xyflow/xyflow/tree/HEAD/packages/reactflow) from 11.10.2 to 11.10.3.
- [Release notes](https://github.com/xyflow/xyflow/releases)
- [Changelog](https://github.com/xyflow/xyflow/blob/reactflow@11.10.3/packages/reactflow/CHANGELOG.md)
- [Commits](https://github.com/xyflow/xyflow/commits/reactflow@11.10.3/packages/reactflow)

---
updated-dependencies:
- dependency-name: reactflow
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-31 09:54:33 +01:00
dependabot[bot]
8968773f46
Bump @testing-library/react from 14.1.2 to 14.2.0 in /js (#26620)
Bumps [@testing-library/react](https://github.com/testing-library/react-testing-library) from 14.1.2 to 14.2.0.
- [Release notes](https://github.com/testing-library/react-testing-library/releases)
- [Changelog](https://github.com/testing-library/react-testing-library/blob/main/CHANGELOG.md)
- [Commits](https://github.com/testing-library/react-testing-library/compare/v14.1.2...v14.2.0)

---
updated-dependencies:
- dependency-name: "@testing-library/react"
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-31 09:49:40 +01:00
dependabot[bot]
f900ab570f
Bump cypress from 13.6.3 to 13.6.4 in /js (#26621)
Bumps [cypress](https://github.com/cypress-io/cypress) from 13.6.3 to 13.6.4.
- [Release notes](https://github.com/cypress-io/cypress/releases)
- [Changelog](https://github.com/cypress-io/cypress/blob/develop/CHANGELOG.md)
- [Commits](https://github.com/cypress-io/cypress/compare/v13.6.3...v13.6.4)

---
updated-dependencies:
- dependency-name: cypress
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-31 09:49:25 +01:00
dependabot[bot]
1b9a957bbf
Bump @types/node from 20.11.10 to 20.11.13 in /js (#26622)
Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 20.11.10 to 20.11.13.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

---
updated-dependencies:
- dependency-name: "@types/node"
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-31 09:49:09 +01:00
Thomas Darimont
346c2926f6
Fix error type in SAML response on missing destination
We now use INVALID_SAML_RESPONSE insteadof INVALID_LOGOUT_RESPONSE.
Added proposed test case.

Closes #11178

Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>
Co-authored-by: Michal Hajas <mhajas@redhat.com>
Co-authored-by: Chris Dolphy <cdolphy@redhat.com>
2024-01-31 09:32:14 +01:00
Steven Hawkins
2480fab6f9
fix: accounting for a null container (#26605)
closes: #26604

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
2024-01-30 18:02:00 +00:00
Stefan Wiedemann
fa948f37e0
Issue Verifiable Credentials in jwt_vc format #25941 (#26484)
closes #25941 

Signed-off-by: Stefan Wiedemann <wistefan@googlemail.com>
2024-01-30 18:35:20 +01:00
mposolda
1213556eff Fixes for UsernameIDNHomographValidator
closes #26564

Signed-off-by: mposolda <mposolda@gmail.com>
2024-01-30 14:30:28 +01:00
Chris Tanaskoski
5373f3c97a
Don't fail reset credentials action upon first broker login without EXISTING_USER_INFO (#26324)
The ResetCredentialsActionTokenHandler depends upon the `EXISTING_USER_INFO` through `AbstractIdpAuthenticator.getExistingUser` solely to log the username. However, if the first broker login flow does not include a `IdpCreateUserIfUniqueAuthenticator` or `IdpDetectExistingBrokerUserAuthenticator`, the `EXISTING_USER_INFO` is never set.

This commit does not attempt to fetch the existing user if we don't have this info set.

Closes #26323

Signed-off-by: Chris Tanaskoski <chris@devristo.com>
2024-01-30 11:16:52 +00:00
Erik Jan de Wit
02d86d1d8f
removed revocation (#26459)
fixes: #17734

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
2024-01-30 10:49:39 +01:00
dependabot[bot]
4716c956b0 Bump @typescript-eslint/parser from 6.19.1 to 6.20.0 in /js
Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) from 6.19.1 to 6.20.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v6.20.0/packages/parser)

---
updated-dependencies:
- dependency-name: "@typescript-eslint/parser"
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-01-30 10:32:10 +01:00
dependabot[bot]
321f0088c4 Bump @testing-library/jest-dom from 6.3.0 to 6.4.0 in /js
Bumps [@testing-library/jest-dom](https://github.com/testing-library/jest-dom) from 6.3.0 to 6.4.0.
- [Release notes](https://github.com/testing-library/jest-dom/releases)
- [Changelog](https://github.com/testing-library/jest-dom/blob/main/CHANGELOG.md)
- [Commits](https://github.com/testing-library/jest-dom/compare/v6.3.0...v6.4.0)

---
updated-dependencies:
- dependency-name: "@testing-library/jest-dom"
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-01-30 10:15:17 +01:00
dependabot[bot]
1d4458763b Bump i18next from 23.8.0 to 23.8.1 in /js
Bumps [i18next](https://github.com/i18next/i18next) from 23.8.0 to 23.8.1.
- [Release notes](https://github.com/i18next/i18next/releases)
- [Changelog](https://github.com/i18next/i18next/blob/master/CHANGELOG.md)
- [Commits](https://github.com/i18next/i18next/compare/v23.8.0...v23.8.1)

---
updated-dependencies:
- dependency-name: i18next
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-01-30 10:14:48 +01:00
dependabot[bot]
eb7a3cf6c9 Bump @typescript-eslint/eslint-plugin from 6.19.1 to 6.20.0 in /js
Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) from 6.19.1 to 6.20.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v6.20.0/packages/eslint-plugin)

---
updated-dependencies:
- dependency-name: "@typescript-eslint/eslint-plugin"
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-01-30 10:13:54 +01:00
Steven Hawkins
00ea73d6ba
fix: increases another timeout to accomodate for the transaction timeout (#26566)
closes: #26529

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
2024-01-30 09:16:34 +01:00
Dipesh Singh
7e021730c7
Show displayName of realm on welcome page (#26562)
Closes #25897

Signed-off-by: dipeshsingh253 <sinhdipesh@gmail.com>
2024-01-29 19:23:08 +01:00
Steven Hawkins
ed96b13312
fix: preservation of the command line in the --optimized suggestion (#26163)
closes #26140

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
2024-01-29 13:48:53 +01:00
TheKeeroll
13b8db0026
typo fix (#26526)
Signed-off-by: TheKeeroll <57570053+TheKeeroll@users.noreply.github.com>
2024-01-29 11:40:21 +00:00
Réda Housni Alaoui
eff289be1c
Effective email address missing from email confirmation French translation (#26551)
Signed-off-by: Réda Housni Alaoui <reda-alaoui@hey.com>
2024-01-29 11:31:14 +01:00
Stian Thorgersen
0fb6bdfcac
Cookie Provider - move remaining cookies (#26531)
Closes #26500

Signed-off-by: stianst <stianst@gmail.com>
2024-01-29 11:06:37 +01:00
dependabot[bot]
d7ed09fbea Bump wireit from 0.14.3 to 0.14.4 in /js
Bumps [wireit](https://github.com/google/wireit) from 0.14.3 to 0.14.4.
- [Changelog](https://github.com/google/wireit/blob/main/CHANGELOG.md)
- [Commits](https://github.com/google/wireit/compare/v0.14.3...v0.14.4)

---
updated-dependencies:
- dependency-name: wireit
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-01-29 10:39:39 +01:00
dependabot[bot]
51a596dd15 Bump vitest from 1.2.1 to 1.2.2 in /js
Bumps [vitest](https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest) from 1.2.1 to 1.2.2.
- [Release notes](https://github.com/vitest-dev/vitest/releases)
- [Commits](https://github.com/vitest-dev/vitest/commits/v1.2.2/packages/vitest)

---
updated-dependencies:
- dependency-name: vitest
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-01-29 10:38:24 +01:00
dependabot[bot]
9fa743bec3
Bump chai from 5.0.0 to 5.0.3 in /js (#26518)
Bumps [chai](https://github.com/chaijs/chai) from 5.0.0 to 5.0.3.
- [Release notes](https://github.com/chaijs/chai/releases)
- [Changelog](https://github.com/chaijs/chai/blob/main/History.md)
- [Commits](https://github.com/chaijs/chai/compare/v5.0.0...v5.0.3)

---
updated-dependencies:
- dependency-name: chai
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-29 09:36:12 +00:00
dependabot[bot]
01bb6726ea Bump i18next from 23.7.19 to 23.8.0 in /js
Bumps [i18next](https://github.com/i18next/i18next) from 23.7.19 to 23.8.0.
- [Release notes](https://github.com/i18next/i18next/releases)
- [Changelog](https://github.com/i18next/i18next/blob/master/CHANGELOG.md)
- [Commits](https://github.com/i18next/i18next/compare/v23.7.19...v23.8.0)

---
updated-dependencies:
- dependency-name: i18next
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-01-29 10:16:53 +01:00
dependabot[bot]
39b1c830e4 Bump @types/node from 20.11.6 to 20.11.10 in /js
Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 20.11.6 to 20.11.10.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

---
updated-dependencies:
- dependency-name: "@types/node"
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-01-29 10:16:38 +01:00
dependabot[bot]
0178a91f66
Bump @faker-js/faker from 8.3.1 to 8.4.0 in /js (#26521)
Bumps [@faker-js/faker](https://github.com/faker-js/faker) from 8.3.1 to 8.4.0.
- [Release notes](https://github.com/faker-js/faker/releases)
- [Changelog](https://github.com/faker-js/faker/blob/next/CHANGELOG.md)
- [Commits](https://github.com/faker-js/faker/compare/v8.3.1...v8.4.0)

---
updated-dependencies:
- dependency-name: "@faker-js/faker"
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-26 19:15:05 +01:00
dependabot[bot]
1db2c50512
Bump @types/node from 20.11.5 to 20.11.6 in /js (#26480)
Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 20.11.5 to 20.11.6.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

---
updated-dependencies:
- dependency-name: "@types/node"
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-26 19:12:17 +01:00
Lex Cao
cf3f05a259
Skip grant role if exists for federated storage (#26508)
Closes #26507

Signed-off-by: Lex Cao <lexcao@foxmail.com>
2024-01-26 17:08:47 +00:00
Fouad Almalki
b7d2010af7
Add missing Arabic translations (#26486)
Closes #26485

Signed-off-by: Fouad Almalki <me@fouad.io>
2024-01-26 10:08:02 +00:00
Stian Thorgersen
bc3c27909e
Cookie Provider (#26499)
Closes #26500

Signed-off-by: stianst <stianst@gmail.com>
2024-01-26 10:45:00 +01:00
Bruno Oliveira da Silva
3655268e4d Ensure that the CNCF Code of Conduct are explicitly referenced at the project's README on GitHub
Closes #26268

Signed-off-by: Bruno Oliveira da Silva <bruno@abstractj.com>
2024-01-25 16:22:04 -03:00
dependabot[bot]
758e4e9056
Bump i18next from 23.7.18 to 23.7.19 in /js (#26481)
Bumps [i18next](https://github.com/i18next/i18next) from 23.7.18 to 23.7.19.
- [Release notes](https://github.com/i18next/i18next/releases)
- [Changelog](https://github.com/i18next/i18next/blob/master/CHANGELOG.md)
- [Commits](https://github.com/i18next/i18next/compare/v23.7.18...v23.7.19)

---
updated-dependencies:
- dependency-name: i18next
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-25 17:30:37 +00:00
dependabot[bot]
1f290a81f9
Bump js-sha256 from 0.10.1 to 0.11.0 in /js (#26478)
Bumps [js-sha256](https://github.com/emn178/js-sha256) from 0.10.1 to 0.11.0.
- [Changelog](https://github.com/emn178/js-sha256/blob/master/CHANGELOG.md)
- [Commits](https://github.com/emn178/js-sha256/compare/v0.10.1...v0.11.0)

---
updated-dependencies:
- dependency-name: js-sha256
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-25 18:08:41 +01:00
dependabot[bot]
9fec709501
Bump vite-plugin-dts from 3.7.1 to 3.7.2 in /js (#26482)
Bumps [vite-plugin-dts](https://github.com/qmhc/vite-plugin-dts) from 3.7.1 to 3.7.2.
- [Release notes](https://github.com/qmhc/vite-plugin-dts/releases)
- [Changelog](https://github.com/qmhc/vite-plugin-dts/blob/main/CHANGELOG.md)
- [Commits](https://github.com/qmhc/vite-plugin-dts/compare/v3.7.1...v3.7.2)

---
updated-dependencies:
- dependency-name: vite-plugin-dts
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-25 18:07:57 +01:00
dependabot[bot]
45466a1707
Bump @testing-library/jest-dom from 6.2.1 to 6.3.0 in /js (#26479)
Bumps [@testing-library/jest-dom](https://github.com/testing-library/jest-dom) from 6.2.1 to 6.3.0.
- [Release notes](https://github.com/testing-library/jest-dom/releases)
- [Changelog](https://github.com/testing-library/jest-dom/blob/main/CHANGELOG.md)
- [Commits](https://github.com/testing-library/jest-dom/compare/v6.2.1...v6.3.0)

---
updated-dependencies:
- dependency-name: "@testing-library/jest-dom"
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-25 18:05:28 +01:00
Marek Posolda
651d99db25
Allow selecting attributes from user profile when managing token mappers (#26415)
* Allow selecting attributes from user profile when managing token mappers
closes #24250

Signed-off-by: mposolda <mposolda@gmail.com>

Co-authored-by: Jon Koops <jonkoops@gmail.com>
2024-01-25 17:01:02 +01:00
Martin Kanis
7797f778d1 Map Store Removal: Rename legacy modules
Closes #24107

Signed-off-by: Martin Kanis <mkanis@redhat.com>
2024-01-25 16:29:16 +01:00
Erik Jan de Wit
28c9f98930
moved login screen to patternfly 5 (#25340)
* moved login screen to patternfly 5

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* added Feature flag to enable login v2

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* removed the old css and only include logo and background styles

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* changed to experimental

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* added login2

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* added windows help texts

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

---------

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
2024-01-25 13:45:53 +01:00
Ricardo Martin
b58f35fb47
Revert "Enable verify profile required action by default for new realms" (#26495)
This reverts commit 7f195acc14.

Signed-off-by: rmartinc <rmartinc@redhat.com>
2024-01-25 12:28:16 +01:00
Sol Roberts
29bc02a699
fix http_tlsSecret example for operator (#26282)
Signed-off-by: BadgerOps <github@badgerops.net>
2024-01-25 11:10:56 +01:00
Stefan Wiedemann
efa6ddc41e
Create SPI and Provider for Verifiable Credentials Signing #25937 (#26263)
* implement oid4vci service interfaces

Signed-off-by: Stefan Wiedemann <wistefan@googlemail.com>

* add oid4vc to the disabled features test

Signed-off-by: Stefan Wiedemann <wistefan@googlemail.com>

* fix test and add doc

Signed-off-by: Stefan Wiedemann <wistefan@googlemail.com>

* add the new preview feature

Signed-off-by: Stefan Wiedemann <wistefan@googlemail.com>

* add class-level doc

remove wildcard imports

Signed-off-by: Stefan Wiedemann <wistefan@googlemail.com>

* add license headers

Signed-off-by: Stefan Wiedemann <wistefan@googlemail.com>

* fix year

Signed-off-by: Stefan Wiedemann <wistefan@googlemail.com>

* fix teste

Signed-off-by: Stefan Wiedemann <wistefan@googlemail.com>

* two additional test fixes

Signed-off-by: Stefan Wiedemann <wistefan@googlemail.com>

* make the feature experimental

Signed-off-by: Stefan Wiedemann <wistefan@googlemail.com>

* remove clock

Signed-off-by: Stefan Wiedemann <wistefan@googlemail.com>

* remove usage of var

Signed-off-by: Stefan Wiedemann <wistefan@googlemail.com>

* fix tests

Signed-off-by: Stefan Wiedemann <wistefan@googlemail.com>

---------

Signed-off-by: Stefan Wiedemann <wistefan@googlemail.com>
2024-01-25 07:36:28 +01:00
Stian Thorgersen
cbfdae5e75
Remove support for multiple AUTH_SESSION_ID cookies (#26462)
Closes #26457

Signed-off-by: stianst <stianst@gmail.com>
2024-01-25 06:58:42 +01:00
rmartinc
7f195acc14 Enable verify profile required action by default for new realms
Closes #25985

Signed-off-by: rmartinc <rmartinc@redhat.com>
2024-01-24 20:28:06 +01:00
Thomas Darimont
e7363905fa Change password hashing defaults according to OWASP recommendations (#16629)
Changes according to the latest [OWASP cheat sheet for secure Password Storage](https://cheatsheetseries.owasp.org/cheatsheets/Password_Storage_Cheat_Sheet.html#pbkdf2):

- Changed default password hashing algorithm from pbkdf2-sha256 to pbkdf2-sha512
- Increased number of hash iterations for pbkdf2-sha1 from 20.000 to 1.300.000
- Increased number of hash iterations for pbkdf2-sha256 from 27.500 to 600.000
- Increased number of hash iterations for pbkdf2-sha512 from 30.000 to 210.000
- Adapt PasswordHashingTest to new defaults
- The test testBenchmarkPasswordHashingConfigurations can be used to compare the different hashing configurations.
- Document changes in changes document with note on performance and how
  to keep the old behaviour.
- Log a warning at the first time when Pbkdf2PasswordHashProviderFactory is used directly

Fixes #16629

Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>
2024-01-24 18:35:51 +01:00