Commit graph

15331 commits

Author SHA1 Message Date
Václav Muzikář
0afc4a8af7
Refactor KeycloakDeploymentConfig (#14880)
Co-authored-by: Martin Bartoš <mabartos@redhat.com>
2022-10-14 10:42:09 -03:00
Alexander Schwartz
97c4495c4f Updating H2 database to 2.x
Closes #12607

Co-authored-by: Stian Thorgersen <stian@redhat.com>
2022-10-14 11:52:34 +02:00
vramik
f49582cf63 MapUserProvider in KC20 needs to store username compatible with KC19 to be no-downtime-upgradable
Closes #14678
2022-10-14 09:32:38 +02:00
danielFesenmeyer
f80a8fbed0 Avoid login failures in case of non-existing group or role references and update references in case of renaming or moving
- no longer throw an exception, when a role or group cannot be found, log a warning instead
- update mapper references in case of the following events:
   - moving a group
   - renaming a group
   - renaming a role
   - renaming a client's Client ID (may affect role qualifiers)
- in case a role or group is removed, the reference still will not be changed
- extend and refactor integration tests in order to check the new behavior

Closes #11236
2022-10-13 13:23:29 +02:00
Martin Kanis
761929d174
Merge ActionTokenStoreProvider and SingleUseObjectProvider (#13677)
Closes #13334
2022-10-13 09:26:44 +02:00
Martin Bartoš
90c1624668 Add transaction options to Keycloak CR
Closes #14375
2022-10-13 08:41:47 +02:00
Stian Thorgersen
ded52c6228
Move session iframe pages (#14769)
Closes #14767
2022-10-13 08:16:20 +02:00
Lex Cao
8ea3f30d82 Support profile projection parameter for LinkedIn IDP
Closes #13384
2022-10-11 15:22:00 -03:00
Martin Bartoš
7311e12066 Add features options to Keycloak CR
Closes #14376
2022-10-11 15:07:44 +02:00
Erik Jan de Wit
6416db2d67 removed all usage of ui-select template functions 2022-10-11 09:40:29 -03:00
Bruno Oliveira da Silva
9c007e3779 Update Snyk ignore file to ignore jackson-databind 2.14.0 is out
Resolves #14831
2022-10-10 18:33:37 -03:00
Alexander Schwartz
b67ce73227 Cleanup MapUserSessionAdapter.getAuthenticatedClientSessions()
Closes #14743
2022-10-10 13:01:14 +02:00
Stian Thorgersen
fda26385ec
Add profile feature for hosting keycloak.js on the server (#14771)
* Add profile feature for hosting keycloak.js on the server

Closes #14770

* Updated txt files for HelpCommandTest
2022-10-10 08:00:50 +02:00
Takashi Norimatsu
148c7695ff Pluggable Features of Token Manager
Closes #12065
2022-10-07 08:43:34 +02:00
Takashi Norimatsu
c60a34ac06 Keycloak 19 cannot register post logout redirect URIs whose length in total is over 4000
Closes #14013
2022-10-06 20:05:03 +02:00
Bruno Oliveira da Silva
64256e9ae4 Update OpenShift REST client to fix a critical vulnerability on the transitive dependency com.squareup.okhttp3:okhttp
Resolves #14641
2022-10-06 14:40:54 -03:00
vramik
a62e98f966 MapUserProvider should throw an exception for more than one user
Closes #14672
2022-10-06 13:11:57 +02:00
Jon Koops
a670e1d965
Check for 3rd-party storage access in ifames (#14680)
Closes #14466
2022-10-06 10:22:47 +02:00
dependabot[bot]
2ca23526ad
Bump undertow-core from 2.2.14.Final to 2.2.19.Final (#14635)
Bumps [undertow-core](https://github.com/undertow-io/undertow) from 2.2.14.Final to 2.2.19.Final.
- [Release notes](https://github.com/undertow-io/undertow/releases)
- [Commits](https://github.com/undertow-io/undertow/compare/2.2.14.Final...2.2.19.Final)

---
updated-dependencies:
- dependency-name: io.undertow:undertow-core
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-10-05 22:16:22 +02:00
Muhammad Ummar Iqbal
91a58ed1b9
Documentation updated: Hosting from a sub path section added (#14505)
* Hosting from a sub path section added

* Update as per PR comments

* updates # 2 as per suggestions

* details link removed

* includedOptions section updated
2022-10-05 19:52:05 +02:00
Hynek Mlnarik
36a1ce6a1a Ensure map storage providers are closed upon session close
Fixes: #14730
2022-10-05 14:16:19 +02:00
Marek Posolda
425b6b8df2
Parameters 'client_id' and 'response_type' not strictly required in O… (#14679)
* Parameters 'client_id' and 'response_type' not strictly required in OIDC request object
Closes #14255
2022-10-05 11:20:15 +02:00
Douglas Palmer
44aae52fb4
Fixed locale switcher on error page (#14728)
Closes #14205
2022-10-05 10:30:07 +02:00
vramik
e5408884f6 Revisit parent-child relationship in jpa map store
Closes #14278
2022-10-05 09:42:34 +02:00
Marek Posolda
c59660ca86
KEYCLOAK_SESSION not working for some user federation setups when user ID has special chars (#14560)
closes #14354
2022-10-05 08:59:30 +02:00
Stian Thorgersen
7ae1fa4833
Enable Foresight test-kit-action on PRs (#14695) 2022-10-05 07:47:53 +02:00
Oliver
5555a8d082
Fix #11963 (#14661) 2022-10-04 19:26:40 -04:00
Michał
486a70e337
Update user-list.html (#14515)
table-nav width fix
2022-10-04 18:01:25 -04:00
dependabot[bot]
9561d287d9
Bump github/codeql-action from 2.1.25 to 2.1.26 (#14690)
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.1.25 to 2.1.26.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/v2.1.25...v2.1.26)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-10-04 06:58:49 +02:00
Marek Posolda
fb24c86a3b
offline token issuance can cause violation of PRIMARY KEY constraint CONSTRAINT_OFFL_CL_SES_PK3 (#14658)
closes #13706
2022-10-03 12:54:12 +02:00
Stian Thorgersen
390c7485c7
Remove WildFly dist modules (#14675)
Closes #14307
2022-09-30 14:26:55 +02:00
Alice Wood
1eb7e95b97 enhance existing group search functionality allow exact name search keycloak/keycloak#13973
Co-authored-by: Abhijeet Gandhewar <agandhew@redhat.com>
2022-09-30 10:37:52 +02:00
Martin Bartoš
a20d6e2f1f
Remove JBoss-based auth servers from the testsuite (#14317)
Closes #14299
2022-09-30 09:41:57 +02:00
Marcelo Daniel Silva Sales
22713bc144
Incorrect error message OIDC client authentication (#14656)
closes #12162


Co-authored-by: Pedro Hos <pedro-hos@outlook.com>
2022-09-30 09:40:05 +02:00
Mark Andreev
581def56d6
Fix null username in ldap (#8717)
Closes #14667
2022-09-30 09:34:02 +02:00
dependabot[bot]
52f58b5f28 Bump github/codeql-action from 2.1.21 to 2.1.25
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.1.21 to 2.1.25.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/v2.1.21...v2.1.25)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-09-29 10:19:30 -03:00
dependabot[bot]
bedfb81c3c Bump aquasecurity/trivy-action from 0.6.2 to 0.7.1
Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) from 0.6.2 to 0.7.1.
- [Release notes](https://github.com/aquasecurity/trivy-action/releases)
- [Commits](cb606dfdb0...d63413b0a4)

---
updated-dependencies:
- dependency-name: aquasecurity/trivy-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-09-29 06:01:03 -03:00
Bruno Oliveira da Silva
db34e9e2ce False alert - Arbitrary Code Execution vulnerability in org.keycloak:keycloak-saml-core
Resolves #14639
2022-09-29 05:53:29 -03:00
Václav Muzikář
20fa75f677 Upgrade Operator SDK version 2022-09-29 10:28:47 +02:00
Martin Kanis
42ad95af4d Stabilize testPersistenceMultipleNodesClientSessionsAtRandomNode model test 2022-09-27 21:01:35 +02:00
David Anderson
a8db79a68c
Introduce crypto module using Wildfly Elytron (#14415)
Closes #12702
2022-09-27 08:53:46 +02:00
Alexander Schwartz
be2deb0517 Modify RealmsAdminResource.importRealm to work with InputStream
Closes #13609
2022-09-26 20:58:08 +02:00
Pedro Igor
cff5cfb6df Avoid including user managed entities into the default PU
Closes #12442
2022-09-23 18:01:43 +02:00
Jon Koops
c56b69bbc9
Add proper variable declaration for AuthZ JS (#14561) 2022-09-23 11:17:16 -04:00
Hisanobu Okuda
53635e3317 KEYCLOAK-19132 SAML adapter config replacement with environment variables
Co-authored-by: Martin Bartoš <mabartos@redhat.com>
2022-09-23 13:15:16 +02:00
Pedro Igor
00e4c3567a Make it possible to switch between BC and BC-FIPS libraries
Closes #12424
2022-09-23 07:50:02 -03:00
Ivan Atanasov
4016dd95d2
Use temporary file to reduce the chance of serving partial gzipped resource (#14511)
Closes #14510
2022-09-23 07:51:41 +02:00
Paweł Walczak
b739878916
Fixed typo in --proxy example (#14539) 2022-09-23 07:43:03 +02:00
Alice Wood
55a660f50b enhance group search to allow searching for groups via attribute keycloak/keycloak#12964
Co-authored-by: Abhijeet Gandhewar <agandhew@redhat.com>
Co-authored-by: Michal Hajas <mhajas@redhat.com>
2022-09-19 15:19:36 +02:00
Takashi Norimatsu
0a832fc744 Intent support before issuing tokens (UK OpenBanking)
Closes #12883
2022-09-19 12:15:00 +02:00