Stian Thorgersen
fea49765f0
Remove Jetty 9.4 adapters ( #26261 )
...
Only removing the distribution of the Jetty adapter for now, and leaving the rest for now. This is due to the complexity of removing all Jetty adapter code due to Spring, OSGI, Fuse, testsuite, etc. and it will be better to leave the rest of the clean-up to after 24 when we are removing most adapters
Closes #26255
Signed-off-by: stianst <stianst@gmail.com>
2024-01-24 11:17:29 +01:00
Douglas Palmer
ee5593a88f
CVE-2022-1471- SnakeYaml remote code execution by sending malicious YAML content
...
Closes #25261
Signed-off-by: Douglas Palmer dpalmer@redhat.com
2024-01-24 11:08:17 +01:00
Alexander Schwartz
a8eca6add0
Changing to the Infinispan BOM to avoid mis-aligned Infinispan dependencies ( #26137 )
...
Closes #22922
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
Co-authored-by: Pedro Ruivo <pruivo@redhat.com>
2024-01-15 09:20:47 +01:00
Martin Kanis
022e809373
Map Store Removal: Remove protostream dependency
...
Closes #25288
Signed-off-by: Martin Kanis <mkanis@redhat.com>
2024-01-03 16:04:00 +01:00
Michal Hajas
b1777defbd
Upgrade Infinispan to 14.0.21.Final
...
Closes #25287
Signed-off-by: Michal Hajas <mhajas@redhat.com>
2023-12-05 13:20:55 +01:00
Alfredo Moises Boullosa
0b48bef0b1
Update springboot version
...
Signed-off-by: Alfredo Moises Boullosa <aboullos@redhat.com>
2023-12-04 11:15:51 +01:00
Václav Muzikář
1be51ee510
Downgrade Oracle driver
...
Closes #24983
Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>
2023-11-27 16:07:59 +01:00
Jean-Francois Denise
203eb3421a
Add Galleon layer metadata to the SAML Galleon feature-pack
...
Signed-off-by: Jean-Francois Denise <jdenise@redhat.com>
2023-11-22 10:56:27 +01:00
Václav Muzikář
3bc7ef7ed5
Update to Quarkus 3.2.9 ( #24842 )
...
Closes #24841
Closes #24160
Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>
Co-authored-by: Bruno Oliveira da Silva <bruno@abstractj.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
2023-11-20 14:27:13 +01:00
Martin Bartoš
fd56666334
SAML ECP does not work on the latest WF/EAP8
...
Fixes #24746
Signed-off-by: Martin Bartoš <mabartos@redhat.com>
2023-11-16 21:17:19 +01:00
vramik
6fa26d7ff4
Delete map dependencies from dependency management
...
Closes #24101
2023-11-08 13:53:17 +01:00
Peter Skopek
e5eded0eab
Add possibility to override fileName and base directory of Keycloak Quarkus distribution ZIP archive ( #24284 )
...
Closes #24283
Signed-off-by: Peter Skopek <pskopek@redhat.com>
2023-11-07 10:31:58 +01:00
Bruno Oliveira da Silva
599cc41715
CVE-2023-44483 - Insertion of Sensitive Information into Log File vulnerability in org.apache.santuario:xmlsec
...
Closes #24224
2023-10-31 10:51:03 +01:00
Bruno Oliveira da Silva
8df561c675
CVE-2023-4586 - Hot Rod client does not enable hostname validation when using TLS that lead to a MITM attack
...
A vulnerability was found in the Hot Rod client. This security issue
occurs as the Hot Rod client does not enable hostname validation when
using TLS, possibly resulting in a man-in-the-middle (MITM) attack.
Closes #24328
Signed-off-by: Bruno Oliveira da Silva <bruno@abstractj.com>
2023-10-30 15:57:53 +01:00
Jon Koops
5464205ab2
Cache Node.js installation and PNPM store
...
Closes #23695
2023-10-30 07:50:06 -04:00
Martin Bartoš
9627187447
Adapter tests failing with Jakarta error ( #24177 )
...
Fixes #24176
2023-10-24 10:11:48 -04:00
Bruno Oliveira da Silva
b05b575646
CVE-2023-44487 Denial of Service (DoS) vulnerability in io.netty ( #24115 )
...
Closes #23949
2023-10-20 09:13:27 +02:00
Stefan Guilhen
a4073bae46
Upgrade H2 to 2.2.224
...
Closes #24064
2023-10-18 18:09:49 +02:00
Sophie Tauchert
9df1c781eb
Fix generated OpenAPI spec
...
Changes:
- update the smallrye openapi generator plugin to latest to correctly handle
Stream<T> responses
- add annotations to RealmRepresentation.clientProfiles and .clientPolicies
2023-10-10 11:41:46 +02:00
vramik
7f2f4aae67
Upgrade liquibase version to avoid a bug where a changeset is executed twice
...
Closes #23220
2023-10-05 13:35:05 +02:00
Alex Szczuczko
7953085ed2
Fix set-version.sh's handling of NPM versions ( #23638 )
...
This introduces a maven property, `project.version.npm`, to allow maven to know what NPM version is, in scenarios that it's not identical to `project.version`. This occurs when the set-version's semver translation code is activated
Closes #23635
2023-10-04 08:00:53 +02:00
rmartinc
7afd90982d
Align wildfly-core and wildfly version for tests
...
Closes https://github.com/keycloak/keycloak/issues/23342
2023-09-21 10:53:57 +02:00
Václav Muzikář
07bd6a3983
Upgrade to Quarkus 3.2.6 ( #23281 )
...
Closes #23280
2023-09-15 13:46:43 +02:00
Pedro Igor
63fc38ca1f
Marking wildfly-common as compile scope ( #23105 )
2023-09-11 16:08:32 +02:00
Alexander Schwartz
93a80e9278
Upgrade to Infinispan 14.0.17 ( #23097 )
...
Closes #23046
2023-09-08 17:26:40 +02:00
Alexander Schwartz
2eb37dbe4f
Remove MS SQL JDBC driver from the Keycloak product
...
Closes #22983
2023-09-07 15:30:34 +02:00
Peter Skopek
35c2d52a54
Set distinct wildfly-common versions for Quarkus and WildFly based modules
...
Signed-off-by: Peter Skopek <pskopek@redhat.com>
2023-09-07 13:32:25 +02:00
Peter Skopek
bca5fe8051
Tidy up SAML Adapter Galleon Feature Pack build
...
Signed-off-by: Peter Skopek <pskopek@redhat.com>
2023-09-07 13:32:25 +02:00
Farah Juma
ec08a7bb73
Update the Keycloak SAML adapter subsystem to no longer use the AttributeDefinition#getAttributeMarshaller method
...
Closes https://github.com/keycloak/keycloak/issues/22593
Signed-off-by: Peter Skopek <pskopek@redhat.com>
2023-09-07 13:32:25 +02:00
Peter Skopek
ef272f7668
SAML Adapter fix for EAP8 and WF29
...
Signed-off-by: Peter Skopek <pskopek@redhat.com>
2023-09-07 13:32:25 +02:00
Peter Skopek
c92d10c750
Remove org.jetbrains:annotations:jar from server distribution. ( #23015 )
...
Signed-off-by: Peter Skopek <pskopek@redhat.com>
2023-09-06 22:24:00 +02:00
Alexander Schwartz
71fa95721d
Upgrade to Infinispan 14.0.16 ( #22945 )
...
Closes #22932
2023-09-05 10:08:46 +02:00
Alexander Schwartz
65a3af8a1e
Upgrade to Infinispan 14.0.15.Final ( #22887 )
...
Closes #22855
2023-09-01 17:59:42 +02:00
Václav Muzikář
34348157ce
Upgrade to Quarkus 3.2.5.Final ( #22746 )
...
* Upgrade to Quarkus 3.2.5.Final
* Update K8s version
Closes #22745
2023-08-30 09:36:35 +02:00
Jon Koops
94f41444f4
Bump Node.js and PNPM versions ( #22796 )
2023-08-29 14:54:49 -04:00
Václav Muzikář
27b23ccefb
Upgrade to Quarkus 3.2.4.Final ( #22419 )
...
Closes #22418
2023-08-16 16:30:16 +02:00
Peter Skopek
ec2728c55c
Update webauth4j to 0.21.5.RELEASE
...
Closes #22464
2023-08-16 10:21:18 -03:00
Alexander Schwartz
dfc8c80264
Upgrade to Infinispan 14.0.14 ( #22386 )
...
Closes #21092
2023-08-16 14:43:03 +02:00
Václav Muzikář
4b537bee42
Upgrade to Quarkus 3.2.3
...
Closes #22220
2023-08-04 14:51:26 +02:00
Václav Muzikář
ecdf8e897f
Upgrade to Quarkus 3.2.2.Final ( #21912 )
...
Closes #21907
2023-07-26 16:20:23 +02:00
Alexander Schwartz
7c9593f88a
Upgrade Infinispan to 14.0.13.Final ( #21565 )
...
Closes #21564
2023-07-20 16:59:19 +00:00
Václav Muzikář
776bcbcbd4
Update bcpkix and bcprov dependencies ( #21543 )
...
Closes #21360
2023-07-20 11:57:18 +02:00
Bruno Oliveira da Silva
ebf878e1f0
CVE-2022-45868 H2 Cleartext Storage of Sensitive Information ( #21568 )
...
Closes #21567
2023-07-11 08:09:24 +02:00
Václav Muzikář
97a37f565e
Align guava dependency with the Quarkus Platform BOM ( #21544 )
...
Closes #21364
2023-07-10 16:13:13 +02:00
Bruno Oliveira da Silva
ebc9e9f4ef
CVE-2023-21971 - Update Connector/J to 8.0.33
...
Updates to the library name to align with the changes here:
- https://dev.mysql.com/doc/relnotes/connector-j/8.0/en/news-8-0-31.html
Closes #21199
2023-07-07 20:48:38 +02:00
Gregor Tudan
4517ef5d7e
Bump Freemarker to Version 2.3.32. ( #16866 )
...
Co-authored-by: Bruno Oliveira da Silva <bruno@abstractj.com>
2023-07-07 10:40:59 -03:00
Peter Zaoral
2b1c29a6f2
Use Quarkus Platform BOM
...
Closes #20570
Closes #15870
Co-authored-by: Peter Zaoral <pzaoral@redhat.com>
2023-07-06 12:45:48 -03:00
Alexander Schwartz
3f1553c6cb
Referencing information in pom.xml for the list of tested databases
...
Closes : #21349
2023-07-06 11:39:11 -03:00
Miquel Simon
e1eb5146a6
Closes #20226 and #20227 . Upgrade ojdbc11 version due to CVE-2022-21510 and CVE-2022-21511.
2023-07-06 13:27:39 +02:00
Miquel Simon
9513cbbca0
Upgrade nexus staging maven plugin version ( #21428 )
...
Closes #21427
2023-07-04 11:00:04 +00:00
mposolda
0ea2891eee
Remove support for OpenJDK 11 on the server side
...
closes #15014
2023-07-03 13:12:22 -03:00
Václav Muzikář
8db6f8185b
Upgrade to Quarkus 3.2.0.Final and QOSDK 6.2.0
...
Closes #21272
2023-07-03 08:11:18 -03:00
Václav Muzikář
ad988ca914
Upgrade to Quarkus 3.2.0.Final and QOSDK 6.2.0
...
Closes #21272
2023-07-03 08:11:18 -03:00
Miquel Simon
83d043e7a8
Upgrade supported and tested version of Postgresql to 15 in order to match supported configuration for Keycloak 22. ( #21333 )
...
Closes #21338
2023-06-30 11:29:06 +00:00
Joshua Sorah
f695eeaa44
Refactor Admin REST API Documentation to use OpenAPI annotations.
...
Removes dependencies on swagger-doclet
Adds dependencies on microprofile-openapi-api
Plugins for smallrye-open-api-maven-plugin, openapi-generator-maven-plugin
Customized ascii doc template for openapi-generator-maven-plugin, to give similar feel to previous documentation.
OpenAPI annotations added to Admin REST API resources.
Closes keycloak/keycloak#20433
2023-06-29 17:03:38 +02:00
Bruno Oliveira da Silva
67c64c37df
Guava vulnerable to insecure use of temporary directory
...
Closes #21079
2023-06-23 11:50:17 -03:00
Bruno Oliveira da Silva
4103ec58d8
Update to Quarkus 3.1.2.Final
...
Closes #21051
2023-06-19 12:59:11 -03:00
Martin Bartoš
c3000984db
Upgrade to Quarkus 3.1.1.Final ( #20958 )
...
Co-authored-by: Bruno Oliveira da Silva <bruno@abstractj.com>
2023-06-14 08:51:38 -03:00
Jon Koops
72af6a0454
Enable Dependabot for PNPM ( #20975 )
2023-06-14 07:24:27 +02:00
Bruno Oliveira da Silva
f90536d6be
High severity - Use of a Broken or Risky Cryptographic Algorithm vulnerability in org.bitbucket.b_c:jose4j ( #20632 )
...
Closes #20631
2023-06-13 08:22:50 +02:00
Alexander Schwartz
475b4fa05b
Remove override of mime4j version in parent pom ( #20893 )
...
Closes #20892
Co-authored-by: Stian Thorgersen <stianst@gmail.com>
2023-06-12 13:23:41 +02:00
Martin Kanis
5730b54ac7
keycloak-server from testsuite won't start
...
Closes #20920
2023-06-12 13:22:21 +02:00
Alexander Schwartz
4d0fa6796f
Upgrade to Infinispan 14.0.10.Final ( #20804 )
...
Closing #20803
2023-06-08 10:43:22 +02:00
Jon Koops
fcd2a5138d
Update dependencies to latest version ( #20788 )
2023-06-06 12:35:06 -04:00
Bruno Oliveira da Silva
dcdd102f8c
Update Keycloak to Quarkus 3.1.0.Final ( #20698 )
...
Closes #20697
2023-06-01 13:50:15 +02:00
Václav Muzikář
f627e9535f
Add support to the Operator for setting default labels on Keycloak pods ( #20661 )
...
Closes #20625
2023-06-01 13:39:41 +02:00
stianst
0832992e59
Removing OpenShift integration and moving to separate extension
...
closes #20496
Co-authored-by: mposolda <mposolda@gmail.com>
2023-05-30 17:39:32 +02:00
Bruno Oliveira da Silva
38994de056
Update Keycloak to Quarkus 3.0.4.Final ( #20561 )
...
Closes #20560
2023-05-25 15:42:43 +02:00
rmartinc
827943571e
Downgrade jna to 4.5.1 to align with prod
...
Closes https://github.com/keycloak/keycloak/issues/20387
2023-05-24 11:43:20 +02:00
mposolda
588265e463
Upgrade owasp sanitizer to newest version
...
closes #20388
2023-05-23 09:57:14 +02:00
dependabot[bot]
22593c5878
Bump undertow-core from 2.2.22.Final to 2.2.24.Final ( #20463 )
...
Bumps [undertow-core](https://github.com/undertow-io/undertow ) from 2.2.22.Final to 2.2.24.Final.
- [Commits](https://github.com/undertow-io/undertow/compare/2.2.22.Final...2.2.24.Final )
---
updated-dependencies:
- dependency-name: io.undertow:undertow-core
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-05-22 16:31:19 +02:00
Alexander Schwartz
d7a408d081
Remove log4j dependency from model/jpa which is EOL
...
Closes #20421
2023-05-19 17:43:51 -03:00
Václav Muzikář
893a285ac4
Upgrade to Quarkus 3.0.3.Final
...
Closes #20300
2023-05-18 12:54:11 -03:00
Alex Szczuczko
1578506475
Seperate version properties for hibernate-enhance and quarkus-maven ( #20264 )
...
This will allow them to be defined seperately from aligned dependency
versions suitable for product
Closes #20261
2023-05-18 14:37:55 +00:00
Martin Bartoš
812a6c0b99
Improve readability of Operator guides ( #20093 )
...
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
2023-05-17 17:34:32 +02:00
Bruno Oliveira da Silva
ac83754cfb
Remove duplicated properties from the main POM file
...
The property `jakarta.persistence.version` is duplicated in the main POM
file.
Closes #20317
2023-05-15 20:41:11 -03:00
rmartinc
cfaaa07529
Upgrade JNA library
...
Closes https://github.com/keycloak/keycloak/issues/20305
2023-05-15 18:24:31 +02:00
Miquel Simon
e959e20e1a
Upgrade tested DB versions
2023-05-15 12:36:27 -03:00
Jon Koops
8331f57bfd
Update dependencies to latest version ( #20355 )
2023-05-15 14:58:04 +00:00
Jon Koops
2a18bcb246
Move from NPM to PNPM ( #19839 )
2023-05-05 12:03:24 -04:00
Martin Bartoš
960e3503ec
Artifact SLF4J LOG4J-12 has been relocated ( #20113 )
2023-05-05 13:57:45 +02:00
Bruno Oliveira da Silva
d106de1c87
Update to Quarkus 3.0.2.Final ( #20154 )
...
Closes #20152
2023-05-04 13:08:47 +00:00
Alexander Schwartz
c2c5012cfb
Upgrade to latest Infinispan version 14.0.8
...
Closes #20067
2023-05-02 13:45:05 +02:00
Bruno Oliveira da Silva
373b5c1d9f
Update to Quarkus 3.0.1.Final ( #20011 )
...
Co-authored-by: Václav Muzikář <vaclav@muzikari.cz>
Closes #20010
Closes #19080
Closes #17476
Closes #19286
Closes #17557
Closes #17556
Closes #17555
Closes #17475
Closes #15879
Closes #15878
2023-05-02 10:13:23 +02:00
Martin Bartoš
3f6925143a
Support JavaEE for Admin client ( #19988 )
2023-04-28 16:35:31 +02:00
Martin Bartoš
9186327807
Remove duplicate Servlet API dependency
...
Closes #19993
2023-04-28 09:07:39 +02:00
Martin Bartoš
30ea43f06f
Remove workaround related to the SmallRye configuration
...
Upgrade to Quarkus 3.0.0.Final
Closes #19084
2023-04-27 13:36:54 +02:00
Alexander Schwartz
c7749dc5dd
Upgrading to latest Hibernate release
...
---
Quarkus3 branch sync no. 14 (24.4.2023)
Resolved conflicts:
keycloak/pom.xml - Modified
2023-04-27 13:36:54 +02:00
Alexander Schwartz
7a5e265e92
Update to Quarkus 3.0.0.Beta1
...
---
Quarkus3 branch sync no. 14 (24.4.2023)
Resolved conflicts:
keycloak/pom.xml - Modified
2023-04-27 13:36:54 +02:00
Martin Bartoš
8fb7fb0de9
Integrate Quarkus 3.0.0.Alpha6
...
---
Quarkus3 branch sync no. 14 (24.4.2023)
Resolved conflicts:
keycloak/pom.xml - Modified
2023-04-27 13:36:54 +02:00
Martin Bartoš
bc43e4f435
Integrate Jakarta Mail API 2.1.0
2023-04-27 13:36:54 +02:00
Martin Bartoš
952faed4c9
Run Adapter tests with JavaEE support
...
---
Quarkus3 branch sync no. 9 (10.3.2023)
Resolved conflicts:
keycloak/.github/actions/build-keycloak/action.yml - Modified
2023-04-27 13:36:54 +02:00
Martin Bartoš
64738ea708
Fix issues with JakartaEE Mail dependencies
...
This reverts commit da4644844ed88818c05d777460624403326ab01c
---
Quarkus3 branch sync no. 12 (31.3.2023)
Resolved conflicts:
keycloak/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/sessionlimits/UserSessionLimitsTest.java - Modified
2023-04-27 13:36:54 +02:00
Stefan Guilhen
5e0182ac24
Adds com.sun.xml.ws.rt dependency to saml-core-api
...
Closes #16743
2023-04-27 13:36:54 +02:00
Stefan Guilhen
3409a0c840
Fixes SAML tests in testsuite
...
- adds dependency to saaj-impl in saml core public
- updates test apps' web.xml files to use jakarta namespaces
- small cleanup in main pom
- changes order of e-mail servers in testsuite pom to enforce usage of greenmail (changes order in Undertow's classpath)
Closes #16711
2023-04-27 13:36:54 +02:00
Martin Bartoš
b1da7bd613
Revert Mail API
...
---
Quarkus3 branch sync no. 13 (11.4.2023)
Resolved conflicts:
keycloak/quarkus/pom.xml - Modified
---
Quarkus3 branch sync no. 12 (31.3.2023)
Resolved conflicts:
keycloak/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/sessionlimits/UserSessionLimitsTest.java - Modified
2023-04-27 13:36:54 +02:00
Martin Bartoš
1f126647fe
Update dependencies
2023-04-27 13:36:54 +02:00
Peter Zaoral
4ff2de7f46
Quarkus3 branch sync
...
18.1.2023:
* applied Quarkus 3 OpenRewrite recipe
* fixed the parts that were missed by the script
Signed-off-by: Peter Zaoral <pzaoral@redhat.com>
2023-04-27 13:36:54 +02:00
Martin Bartoš
124591ce1a
Adapters can still use Java EE
...
- Provided all JavaEE dependencies for adapters
- Automatically build Undertow Jakarta EE for testsuite (missing SAML)
---
Quarkus3 branch sync no. 11 (24.3.2023)
Resolved conflicts:
keycloak/adapters/oidc/spring-security/pom.xml - Modified
---
Quarkus3 branch sync no. 7 (27.2.2023)
Resolved conflicts:
keycloak/pom.xml - Modified
---
Quarkus3 branch sync no. 5 (10.2.2023)
Resolved conflicts:
keycloak/testsuite/integration-arquillian/servers/auth-server/services/testsuite-providers/pom.xml - Modified
---
Quarkus3 branch sync no. 1 (18.1.2023)
Resolved conflicts:
keycloak/testsuite/integration-arquillian/tests/base/pom.xml - Modified
2023-04-27 13:36:54 +02:00
Martin Bartoš
40c38e0133
Fix dependencies in testsuite, adapters and Quarkus module
...
---
Quarkus3 branch sync no. 11 (24.3.2023)
Resolved conflicts:
keycloak/adapters/oidc/spring-security/pom.xml - Modified
2023-04-27 13:36:54 +02:00