Commit graph

2466 commits

Author SHA1 Message Date
Stefan Guilhen
6424708695 Ensure organization id is preserved on export/import
- Also fixes issues with description, enabled, and custom attributes missing when re-importing the orgs.

Closes #33207

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
2024-09-25 16:07:44 +02:00
Christian Janker
4cd64c822c Log model migration on INFO level
closes #33163

Signed-off-by: Christian Janker <christian.janker@gmx.at>
2024-09-24 22:00:52 +02:00
Benoît
bf19ec11cf
Fix UserStorageManager.getGroupMembersStream potentially fetching all user (#33145)
Closes #32761
Signed-off-by: Benoit Messager <benoit.messager@liksi.fr>
Co-authored-by: Benoit Messager <benoit.messager@liksi.fr>
2024-09-24 09:51:35 +02:00
Christian Janker
21f90145ac Send UserRemovedEvent containing all user attributes
Invalidate CachedUserModel before UserRemovedEvent

closes #32194

Signed-off-by: Christian Janker <christian.janker@gmx.at>
2024-09-20 16:22:08 +02:00
Stefan Guilhen
900c496ffe
Remove the kc.org.broker.public attribute and use hideOnLogin in the IDP instead
Closes #32209

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
Co-authored-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
2024-09-20 16:08:55 +02:00
Michal Hajas
d065be362a
Fix flaky UserSessionPersisterProviderTest
Closes #32892

Signed-off-by: Michal Hajas <mhajas@redhat.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
2024-09-20 13:24:34 +02:00
vramik
fcb31a5aa6 Implement invitation-only self-registration for realm users
Closes #31643

Signed-off-by: vramik <vramik@redhat.com>
2024-09-18 13:50:23 +02:00
Alexander Schwartz
2a95d0abfa
Sort order of updates for user properties (#32853)
This should reduce deadlocks on the user property table if the users are updated concurrently.

Closes #32852

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-09-18 12:37:42 +02:00
Stefan Guilhen
3e597722a9
Add cache for IdentityProviderStorageProvider.getForLogin (#32918)
Closes #32573

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
2024-09-18 09:05:57 +02:00
Václav Muzikář
83c00731c3
Upgrade to Quarkus 3.14.2 (#32519)
Closes #32517

Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>
2024-09-13 20:18:48 +02:00
Pedro Ruivo
f67bec0417 Rename remote-cache Feature
Renamed to "clusterless"

Closes #32596

Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
2024-09-13 13:03:13 +02:00
Michal Hajas
0f97e4cb39 Drop old tables for user and client sessions that are no longer used
Closes #32582

Signed-off-by: Michal Hajas <mhajas@redhat.com>
2024-09-12 11:47:37 +02:00
Stian Thorgersen
40049f31fa
Remove ProxyClassLoader and PlatformProvider returning script classloader (#32806)
Closes #32804

Signed-off-by: stianst <stianst@gmail.com>
2024-09-11 17:11:26 +02:00
Thomas Darimont
445a7da902 Ensure realm attributes import happens before client import
Fixes #32799

Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>
2024-09-11 15:14:33 +02:00
cgeorgilakis-grnet
f8b1b3ee03 Search Identity Providers by alias or display name
Closes #32588

Signed-off-by: cgeorgilakis-grnet <cgeorgilakis@admin.grnet.gr>
2024-09-10 21:52:59 +02:00
Martin Kanis
ccb166d0e9 Add caching when querying brokers by organization
Closes #32574

Signed-off-by: Martin Kanis <mkanis@redhat.com>
2024-09-09 09:24:43 -03:00
Alexander Schwartz
d9dfe74e8b
Set idle time the same as for the internal cache, but extend it for refreshes
Closes #32100

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Signed-off-by: Michal Hajas <mhajas@redhat.com>
Co-authored-by: Michal Hajas <mhajas@redhat.com>
2024-09-09 10:47:56 +02:00
Alexander Schwartz
9454c01d88
Fix parsing of broker user ID if it contains a dot (#32699)
Closes #32698

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-09-06 14:09:44 +02:00
Alexander Schwartz
ca951c3002
Drop redundant index on client sessions (#32665)
Closes #32583

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-09-06 13:39:32 +02:00
Giuseppe Graziano
a14548a7a2
Lightweight access tokens for Admin REST API (#32347)
* Lightweight access tokens for Admin REST API

Closes #31513


Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>
2024-09-04 18:04:23 +02:00
Stefan Guilhen
e7a4635620 Filter out org brokers from the account console
- org-linked brokers should not be available for login
- prepare the endpoint for search/pagination

Closes #31944

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
2024-09-04 09:00:52 -03:00
Stefan Guilhen
557d7e87b2 Avoid iterating through all mappers when running the config event listeners
Closes #32233

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
2024-09-04 07:40:58 -03:00
Pedro Ruivo
ba861fc5d7 Remove version() projection from Ickle Queries
Closes #32590

Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
2024-09-03 18:07:32 +02:00
Pedro Ruivo
29c8060bda Trigger mass re-index of the sessions caches when the entity changes
Closes #32594

Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
2024-09-03 15:48:14 +02:00
Pedro Igor
4b5b1a4c25 Unignore backchannel logout tests
Closes #20643

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2024-09-02 08:34:21 +02:00
Martin Kanis
7e6dd682d4 Validate organization alias for forbidden chars
Closes #32392

Signed-off-by: Martin Kanis <mkanis@redhat.com>
2024-08-28 21:59:38 +02:00
vramik
37f42430e6 When Organization feature is enabled UserAdapter.getGroupsCount() returns wrong result
Closes #32460

Signed-off-by: vramik <vramik@redhat.com>
2024-08-28 21:20:56 +02:00
Pedro Ruivo
378db25016
Skip creating sessions cache when Persistent Sessions is enabled
Re-order the configuration steps to avoid redundant warnings

Closes #32416

Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
2024-08-27 16:21:08 +00:00
Stefan Guilhen
88cca10472 Rename IDPSpi to IdentityProviderStorageSpi
Closes #31639

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
2024-08-26 15:10:09 -03:00
Stefan Guilhen
98dc21e6fc Add non-null filter when fetching groups.
Closes #32321

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
2024-08-26 09:33:51 -03:00
Vlasta Ramik
d63c0fbd13
Decouple Identity provider mappers from RealmModel (#32251)
* Decouple Identity provider mappers from RealmModel

Closes #31731

Signed-off-by: vramik <vramik@redhat.com>
2024-08-22 12:05:19 -03:00
Alexander Schwartz
04d2126c73 Don't fetch expired user sessions from the database
Closes #32273

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-08-22 12:51:43 +02:00
Alexander Schwartz
5740f8836a Cleanup
Closes #32273

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-08-22 12:51:43 +02:00
Alexander Schwartz
a7964a588b Avoid n+1 SQL selects to load sessions
Closes #32273

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-08-22 12:51:43 +02:00
vramik
14494fb148 Ensure organization aware IdentityProviderModel is used in the infinispan IDPProvider
Closes #32108

Signed-off-by: vramik <vramik@redhat.com>
2024-08-22 07:22:18 -03:00
yelhouti
e8840df0e0
Fix: admin GUI not working with 1000s of realms
Search by RealmName is done before loading all realms when filtering

Closes #31956

Signed-off-by: Youssef El Houti <youssef.elhouti@gmail.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
2024-08-21 14:58:36 +02:00
Stefan Guilhen
585d179fe0 Ensure identity providers returned to the org IDP selection are IDPs not associated with any orgs.
Closes #32238

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
2024-08-21 07:49:01 -03:00
Pedro Igor
eeae50fb43 Make sure federationLink always map to the storage provider associated with federated users
Closes #31670

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2024-08-20 11:27:22 +02:00
Stefan Guilhen
fa7c2b5da6 Address review comments
Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
2024-08-19 09:06:35 -03:00
Stefan Guilhen
6e7b36e82f Add migration tests for the IDP changes
Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
2024-08-19 09:06:35 -03:00
Stefan Guilhen
f82159cf65 Rework logic to fetch IDPs for the login page so that IDPs are fetched from the provider and not filtered in code.
Closes #32090

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
2024-08-19 09:06:35 -03:00
Alexander Schwartz
74fec50ac5
Load client sessions in chunks from the database (#32185)
Closes #32180

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-08-16 15:00:57 +00:00
Michal Hajas
6a9245546e Set clientId if it is not set in the entity
Closes #32195

Signed-off-by: Michal Hajas <mhajas@redhat.com>
2024-08-16 14:27:18 +02:00
mposolda
3d787727f9 Add acr scope to all clients for those migrating from older than Keycloak 18
closes #31107

Signed-off-by: mposolda <mposolda@gmail.com>
2024-08-16 12:17:43 +02:00
Alexander Schwartz
88904c0a01
Call JPA code in blocking thread (#32154)
Closes #32153

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-08-16 10:17:30 +02:00
Alexander Schwartz
49d2efbfb2
Specify version column name in a case-sensitive manner (#32169)
Closes #32127

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-08-16 10:12:33 +02:00
Stefan Guilhen
aeb1951aba Replace calls to deprecated RealmModel IDP methods
- use the new provider instead

Closes #31254

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
2024-08-15 10:55:36 -03:00
Martin Kanis
708a6898db Add a count method to the OrganizationMembersResource
Closes #31388

Signed-off-by: Martin Kanis <mkanis@redhat.com>
2024-08-15 09:12:57 -03:00
Pedro Ruivo
e13c9bf462 Retry remote cache operations with back off
Implement a retry mechanism for remote cache writes.

Fixes #32030

Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
2024-08-13 15:55:59 +02:00
vramik
4d7f25535c IDP storage provider Infinispan implementation
Closes #31251

Signed-off-by: vramik <vramik@redhat.com>
2024-08-13 08:36:15 -03:00