Thomas Darimont
3315ea718a
Add ability to enable OID4VCI Verifiable Credentials per realm ( #34524 )
...
- Added new realm property verifiableCredentialsEnabled
- Updated RealmRepresentation
- Guarded route to Oid4VCI page
- Add boolean switch to Realm settings page to control Verifiable Credentials enablement
- We now only show the Verifiable Credentials page in the nave if the "Verifiable Credentials" realm setting is enabled.
Fixes #34524
Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>
2024-11-04 14:58:30 +01:00
Stefan Guilhen
9c50813bf4
Add validChecksum to jpa-changelog-26.0.0.xml
...
Closes #34450
Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
2024-10-31 07:54:27 -03:00
Stefan Guilhen
ac25844731
Ensure hide_on_login has the default value set to 0 on MSSQL
...
Closes #34450
Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
2024-10-30 12:46:17 -03:00
Ryan Emerson
902abfdae4
JDBC_PING as default discovery protocol
...
Closes #29399
- Add ProviderFactory#dependsOn to allow dependencies between
ProviderFactories to be explicitly defined
- Disable Infinispan default shutdownhook disabled to ensure lifecycle
is managed exclusively by Keycloak
- Remove Infinispan shutdown hook in KeycloakRecorder and manage
EmbeddedCacheManager lifecycle only in DefaultInfinispanConnectionProviderFactory#close
Signed-off-by: Ryan Emerson <remerson@redhat.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
2024-10-22 20:19:19 +00:00
Gilvan Filho
c4005d29f0
add linear strategy to brute force
...
closes #25917
Signed-off-by: Gilvan Filho <gilvan.sfilho@gmail.com>
2024-10-22 10:33:22 -03:00
Kevin Köllmann
23a6822715
Don't fail on drop index IDX_US_SESS_ID_ON_CL_SESS
...
Closes #33780
Signed-off-by: Kevin Köllmann <kevin@kllmnn.de>
Signed-off-by: Alexander Schwartz <alexander.schwartz@gmx.net>
Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>
2024-10-10 15:37:40 +00:00
vramik
b7eaa9b0cb
Wildcard search not working for custom user attributes
...
Closes #32451
Signed-off-by: vramik <vramik@redhat.com>
2024-10-03 08:48:36 -03:00
vramik
c1653448f3
[Organizations] Allow orgs to define the redirect URL after user registers or accepts invitation link
...
Closes #33201
Signed-off-by: vramik <vramik@redhat.com>
2024-10-02 07:37:48 -03:00
Alexander Schwartz
5bb23eb0fc
Optimize update of user attributes ( #32907 )
...
Closes #32906
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-09-25 16:39:42 +02:00
Stefan Guilhen
6424708695
Ensure organization id is preserved on export/import
...
- Also fixes issues with description, enabled, and custom attributes missing when re-importing the orgs.
Closes #33207
Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
2024-09-25 16:07:44 +02:00
Stefan Guilhen
900c496ffe
Remove the kc.org.broker.public attribute and use hideOnLogin in the IDP instead
...
Closes #32209
Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
Co-authored-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
2024-09-20 16:08:55 +02:00
Michal Hajas
d065be362a
Fix flaky UserSessionPersisterProviderTest
...
Closes #32892
Signed-off-by: Michal Hajas <mhajas@redhat.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
2024-09-20 13:24:34 +02:00
vramik
fcb31a5aa6
Implement invitation-only self-registration for realm users
...
Closes #31643
Signed-off-by: vramik <vramik@redhat.com>
2024-09-18 13:50:23 +02:00
Alexander Schwartz
2a95d0abfa
Sort order of updates for user properties ( #32853 )
...
This should reduce deadlocks on the user property table if the users are updated concurrently.
Closes #32852
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-09-18 12:37:42 +02:00
Václav Muzikář
83c00731c3
Upgrade to Quarkus 3.14.2 ( #32519 )
...
Closes #32517
Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>
2024-09-13 20:18:48 +02:00
Michal Hajas
0f97e4cb39
Drop old tables for user and client sessions that are no longer used
...
Closes #32582
Signed-off-by: Michal Hajas <mhajas@redhat.com>
2024-09-12 11:47:37 +02:00
Stian Thorgersen
40049f31fa
Remove ProxyClassLoader and PlatformProvider returning script classloader ( #32806 )
...
Closes #32804
Signed-off-by: stianst <stianst@gmail.com>
2024-09-11 17:11:26 +02:00
cgeorgilakis-grnet
f8b1b3ee03
Search Identity Providers by alias or display name
...
Closes #32588
Signed-off-by: cgeorgilakis-grnet <cgeorgilakis@admin.grnet.gr>
2024-09-10 21:52:59 +02:00
Alexander Schwartz
ca951c3002
Drop redundant index on client sessions ( #32665 )
...
Closes #32583
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-09-06 13:39:32 +02:00
Stefan Guilhen
e7a4635620
Filter out org brokers from the account console
...
- org-linked brokers should not be available for login
- prepare the endpoint for search/pagination
Closes #31944
Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
2024-09-04 09:00:52 -03:00
Stefan Guilhen
557d7e87b2
Avoid iterating through all mappers when running the config event listeners
...
Closes #32233
Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
2024-09-04 07:40:58 -03:00
Martin Kanis
7e6dd682d4
Validate organization alias for forbidden chars
...
Closes #32392
Signed-off-by: Martin Kanis <mkanis@redhat.com>
2024-08-28 21:59:38 +02:00
vramik
37f42430e6
When Organization feature is enabled UserAdapter.getGroupsCount() returns wrong result
...
Closes #32460
Signed-off-by: vramik <vramik@redhat.com>
2024-08-28 21:20:56 +02:00
Stefan Guilhen
88cca10472
Rename IDPSpi to IdentityProviderStorageSpi
...
Closes #31639
Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
2024-08-26 15:10:09 -03:00
Stefan Guilhen
98dc21e6fc
Add non-null filter when fetching groups.
...
Closes #32321
Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
2024-08-26 09:33:51 -03:00
Vlasta Ramik
d63c0fbd13
Decouple Identity provider mappers from RealmModel ( #32251 )
...
* Decouple Identity provider mappers from RealmModel
Closes #31731
Signed-off-by: vramik <vramik@redhat.com>
2024-08-22 12:05:19 -03:00
Alexander Schwartz
04d2126c73
Don't fetch expired user sessions from the database
...
Closes #32273
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-08-22 12:51:43 +02:00
Alexander Schwartz
5740f8836a
Cleanup
...
Closes #32273
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-08-22 12:51:43 +02:00
yelhouti
e8840df0e0
Fix: admin GUI not working with 1000s of realms
...
Search by RealmName is done before loading all realms when filtering
Closes #31956
Signed-off-by: Youssef El Houti <youssef.elhouti@gmail.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
2024-08-21 14:58:36 +02:00
Stefan Guilhen
585d179fe0
Ensure identity providers returned to the org IDP selection are IDPs not associated with any orgs.
...
Closes #32238
Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
2024-08-21 07:49:01 -03:00
Stefan Guilhen
fa7c2b5da6
Address review comments
...
Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
2024-08-19 09:06:35 -03:00
Stefan Guilhen
f82159cf65
Rework logic to fetch IDPs for the login page so that IDPs are fetched from the provider and not filtered in code.
...
Closes #32090
Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
2024-08-19 09:06:35 -03:00
Alexander Schwartz
74fec50ac5
Load client sessions in chunks from the database ( #32185 )
...
Closes #32180
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-08-16 15:00:57 +00:00
Alexander Schwartz
49d2efbfb2
Specify version column name in a case-sensitive manner ( #32169 )
...
Closes #32127
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-08-16 10:12:33 +02:00
Stefan Guilhen
aeb1951aba
Replace calls to deprecated RealmModel IDP methods
...
- use the new provider instead
Closes #31254
Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
2024-08-15 10:55:36 -03:00
Martin Kanis
708a6898db
Add a count method to the OrganizationMembersResource
...
Closes #31388
Signed-off-by: Martin Kanis <mkanis@redhat.com>
2024-08-15 09:12:57 -03:00
vramik
4d7f25535c
IDP storage provider Infinispan implementation
...
Closes #31251
Signed-off-by: vramik <vramik@redhat.com>
2024-08-13 08:36:15 -03:00
Michal Hajas
50c07c6e7c
Simplify configuration for MULTI_SITE
...
Closes #31807
Signed-off-by: Michal Hajas <mhajas@redhat.com>
2024-08-06 16:14:33 +00:00
Alexander Schwartz
00bfc2c34f
Adding an index for the revoked tokens table to speed up the cleanup ( #31790 )
...
Closes #31725
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-08-01 11:12:53 +02:00
Martin Kanis
d91d6d18d5
Can not update organization group error when trying to create organisation from REST API
...
Closes #31144
Signed-off-by: Martin Kanis <mkanis@redhat.com>
2024-07-29 17:39:56 +02:00
Stefan Guilhen
f45529de8c
Deprecate IDP related methods in RealmModel
...
- delegate to the new provider
Closes #31253
Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
2024-07-29 16:02:26 +02:00
Stefan Guilhen
4c5f54ce0b
Add JPA implementation for the IDPProvider
...
Closes #31250
Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
2024-07-29 16:02:26 +02:00
Pedro Igor
04bd6653ec
Invalidating domain cache and introducing cache for more query methods
...
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2024-07-29 09:02:36 +02:00
Pedro Igor
1f8280c71a
Allow members joining multiple organizations
...
Closes #30747
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2024-07-29 09:02:36 +02:00
Alexander Schwartz
227c71f7f0
Persisting revoked access tokens
...
Closes #31296
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-07-26 11:46:14 +02:00
vramik
649b35929e
Make sure users created through a registration link are managed members
...
Closes #30743
Signed-off-by: vramik <vramik@redhat.com>
2024-07-25 04:30:13 -03:00
Alexander Schwartz
65d4b74758
Filter out null values when looking up entries by ID
...
This should prevent null elements in the stream when doing concurrent operations.
Closes #28865
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-07-23 09:22:41 +02:00
Pedro Igor
de1de06354
Avoid adding organization flows if they are already exist
...
Closes #31182
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2024-07-17 08:28:00 +02:00
Giuseppe Graziano
1df60461a9
Avoid race condition when using initial-access-token
...
Closes #27294
Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>
2024-07-12 16:33:02 +02:00
rmartinc
ce195b81f8
Improve consent deletion when a realm is removed
...
Closes #30992
Signed-off-by: rmartinc <rmartinc@redhat.com>
2024-07-10 09:44:42 +02:00