libre.sh/keycloak-scim
2
0
Fork 0
Code Issues 14 Pull requests Releases Packages Activity Actions 6
23829 commits 4 branches 5 tags 483 MiB
Commit graph

509 commits

Author SHA1 Message Date
Alexander Schwartz
e6cd9a2987
Remove product specific content about Linux only (#26222) 
Closes #26220

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2024-01-22 10:38:07 +01:00
Pedro Ruivo
70b4c6bf52
Encrypt network communication in JGroups 
Closes #25702 

Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
 2024-01-18 17:24:27 +00:00
rmartinc
2f0a0b6ad8 Remove deprecated mode for saml encryption 
Closes #26291

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2024-01-18 16:52:10 +01:00
Lex Cao
a960d0d8fa Add upgrading docs for changes to send-verify-email API 
Closes #26146.

Signed-off-by: Lex Cao <lexcao@foxmail.com>
 2024-01-18 09:48:01 +01:00
Ryan Emerson
ba76682590
Use the http-max-queued-requests option for load shedding in HA docs 
Resolves #26223

Signed-off-by: Ryan Emerson <remerson@redhat.com>
 2024-01-17 15:44:08 +01:00
Alexander Schwartz
b9498b91cb
Deprecating the offline session preloading (#26160) 
Closes #25300

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2024-01-16 09:29:01 +01:00
Luca Orlandi
d70dd9db67
Update placeholders for hostname and port (#24153) 
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
 2024-01-11 12:05:05 +01:00
Kévin Martins
16dddfa49c
Complete the documentation for the use case of a resource from an email template. (#25705) 
Signed-off-by: Kevin MARTINS <k.martins@ubitransport.com>
 2024-01-10 18:08:04 -03:00
Alexander Schwartz
0f48027ffb Reduce internal unsupported options in the Keycloak HA documentation 
Closes #26068

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2024-01-10 17:38:15 +01:00
AndyMunro
b875acbc20 Change RHDG to Infinispan 
Closes #26083

Signed-off-by: AndyMunro <amunro@redhat.com>
 2024-01-10 17:18:50 +01:00
rmartinc
179ca3fa3a Sanitize logs in JBossLoggingEventListenerProvider 
Closes #25078

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2024-01-10 16:50:27 +01:00
Alexander Schwartz
4be4212dca
Remove conditionals about Linux vs. Windows (#26031) 
Closes #26028

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2024-01-10 16:03:38 +01:00
Steven Hawkins
41dd1d2161
doc: adding notes about header priority (#25959) 
closes: keycloak#23023

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
 2024-01-10 09:21:49 +01:00
Alexander Schwartz
01939bcf34
Remove concurrent loading of remote sessions as at startup time only one node is up anyway. (#25709) 
Closes #22082

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Martin Kanis <martin-kanis@users.noreply.github.com>
 2024-01-09 16:55:22 +01:00
andymunro
70e15bdaa4
Clarify note about containers 
Closes #26006

Signed-off-by: AndyMunro <amunro@redhat.com>
 2024-01-09 15:20:18 +01:00
shigeyuki kabano
8b65e6727b Creating documentation for Lightweight access token(#25743) 
Closes keycloak#23725

Signed-off-by: shigeyuki kabano <shigeyuki.kabano.sj@hitachi.com>
 2024-01-09 09:48:20 +01:00
Pedro Igor
7fad0e805e
Improve brute force documentation around how the effective wait time is calculated 
Closes #25915

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>
Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
 2024-01-09 07:50:17 +00:00
Sebastian Schuster
92d6da437b
Fixed tiny doc typo (#26012) 
Signed-off-by: Sebastian Schuster <sebastian.schuster@bosch.io>
 2024-01-09 08:02:02 +01:00
Douglas Palmer
58d167fe59 Deleting a User or User Group might cause that all users suddenly get the permissions of the deleted user. 
Closes #24651
Signed-off-by: Douglas Palmer <dpalmer@redhat.com>
 2024-01-08 19:32:01 -03:00
Alexander Schwartz
badf3f461d Making metrics with labels for embedded Infinispan the default 
Closes #25935

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2024-01-08 21:29:03 +01:00
Jon Koops
ddcaa6dcbf
Add release announcement and migration for new welcome theme (#25895) 
Closes #25894

Signed-off-by: Jon Koops <jonkoops@gmail.com>
 2024-01-08 13:10:51 +00:00
Steven Hawkins
7bde7c30cc
fix: do not split on space for option errors (#25876) 
closes #25783

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
 2024-01-05 13:01:17 +01:00
Pedro Igor
8ff9e71eae Do not allow verifying email from a different account 
Closes #14776

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2024-01-05 12:45:07 +01:00
Ryan Emerson
60f80ce0c8
Update Route53 HA guide to be compatible with ROSA and OpenShift 4.14.x (#25900) 
Closes #25733

Signed-off-by: Ryan Emerson <remerson@redhat.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
 2024-01-04 17:45:32 +00:00
Pedro Ruivo
2c70b45205
High Availability Docs: use unbounded token for cross-site connection 
Expirable tokens are more secure but it requires manual intervention to
create and share them when they expire.

I have updated the documentation to use non-expirable tokens.

Closes #25909

Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
 2024-01-04 17:12:17 +00:00
Ben Cresitello-Dittmar
057d8a00ac Implement Authentication Method Reference (AMR) claim from OIDC specification 
This implements a method for configuring authenticator reference values for Keycloak authenticator executions and a protocol mapper for populating the AMR claim in the resulting OIDC tokens.

This implementation adds a default configuration item to each authenticator execution, allowing administrators to configure an authenticator reference value. Upon successful completion of an authenticator during an authentication flow, Keycloak tracks the execution ID in a user session note.

The protocol mapper pulls the list of completed authenticators from the user session notes and loads the associated configurations for each authenticator execution. It then captures the list of authenticator references from these configs and sets it in the AMR claim of the resulting tokens.

Closes #19190

Signed-off-by: Ben Cresitello-Dittmar <bcresitellodittmar@mitre.org>
 2024-01-03 14:59:05 -03:00
Steven Hawkins
667ce4be9e
enhance: supporting versioned features (#24811) 
also adding a common PropertyMapper validation method

closes #24668

Co-authored-by: Václav Muzikář <vaclav@muzikari.cz>
Co-authored-by: Martin Bartoš <mabartos@redhat.com>
 2024-01-03 17:56:31 +01:00
Pedro Igor
ceb085e7b8 Update the UPDATE_EMAIL feature to rely on the user profile configuration when rendering templates and validating the email 
Closes #25704

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2023-12-20 15:15:06 -03:00
Takashi Norimatsu
751cadc514 Documentation about Australia Consumer Data Right security profile 
closes #25236

Signed-off-by: Takashi Norimatsu <takashi.norimatsu.ws@hitachi.com>
 2023-12-19 21:06:03 +01:00
Konstantinos Georgilakis
ba8c22eaf0 Scope parameter in Oauth 2.0 token exchange 
Closes #21578

Signed-off-by: cgeorgilakis-grnet <cgeorgilakis@admin.grnet.gr>
 2023-12-18 15:44:26 -03:00
Pedro Igor
778847a3ce Updating theme templates to render user attributes based on the user profile configuration 
Closes #25149

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2023-12-18 15:35:52 -03:00
Steven Hawkins
bee7595275
fix: adding the kube ca cert to the truststores 
closes #10794

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>
 2023-12-18 15:56:43 +01:00
Steven Hawkins
e148021a67
fix: adding filtering to ignore anything runtime during a build (#25434) 
fix: adding filtering to ignore anything runtime during a build

closes: #25166

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
Co-authored-by: Martin Bartoš <mabartos@redhat.com>
 2023-12-18 12:50:47 +00:00
Marek Posolda
be935c2763
Incorrect version of the fix in release notes (#25661) 
closes #25660

Signed-off-by: mposolda <mposolda@gmail.com>
 2023-12-18 11:56:58 +01:00
Takashi Norimatsu
59536becec Client policies : executor for enforcing DPoP 
closes #25315

Signed-off-by: Takashi Norimatsu <takashi.norimatsu.ws@hitachi.com>
 2023-12-18 10:45:18 +01:00
AndyMunro
2853136bbb Remove topic on user attributes in Account Console 
Closes #22555

Signed-off-by: AndyMunro <amunro@redhat.com>
 2023-12-15 12:07:35 +01:00
Erwin Rooijakkers
860978b15a Change arg of getSubGroups to briefRepresentation 
Parameter name briefRepresentation should mean briefRepresentation,
   not full. This way callers will by default get the full
   representation, unless true is passed as value for
   briefRepresentation.

   Fixes #25096

Signed-off-by: Erwin Rooijakkers <erwin@rooijakkers.software>
 2023-12-14 17:23:27 +01:00
Steven Hawkins
08751001db
enhance: adds truststores to the keycloak cr (#25215) 
also generally correcting the misspelling trustore

closes: #24798

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
 2023-12-14 11:15:06 -03:00
Václav Muzikář
e4c348e99e
Add new --proxy-headers option (#25178) 
* Add new `--proxy-headers` option

Closes #23431

Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>

Co-authored-by: Martin Bartoš <mabartos@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>

* Address review comments vol. 03

Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>

* Address review comments vol. 04

Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>

---------

Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>
Co-authored-by: Martin Bartoš <mabartos@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
 2023-12-13 10:48:12 -03:00
Pedro Igor
fa79b686b6 Refactoring user profile interfaces and consolidating user representation for both admin and account context 
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2023-12-13 08:27:55 +01:00
Ryan Emerson
fc2120c881
Add docs for automating Infinispan CLI commands 
Add docs for automating Infinispan CLI commands, Move Batch CR to its own concept

Signed-off-by: Ryan Emerson <remerson@redhat.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
 2023-12-11 17:48:28 +01:00
Steven Hawkins
4db4982e9d
enhance: adding a start optimized flag (#25216) 
closes: #25015



Update docs/guides/operator/customizing-keycloak.adoc
Update docs/documentation/release_notes/topics/24_0_0.adoc
Update operator/src/main/java/org/keycloak/operator/crds/v2alpha1/deployment/KeycloakSpec.java

Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>
Co-authored-by: Václav Muzikář <vaclav@muzikari.cz>
 2023-12-11 16:15:16 +00:00
Steven Hawkins
ba3451ff2e
doc: adding a note about removing the (#25436) 
closes: #25307

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
 2023-12-08 17:47:33 +01:00
Steven Hawkins
a04613e7ea
doc: adding a note about config expressions 
Closes: #19831

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
Co-authored-by: Václav Muzikář <vaclav@muzikari.cz>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
 2023-12-06 19:29:47 +00:00
Alexander Schwartz
a08f112f79
Add links to guides and GitHub discussions (#25271) 
This should increase the likelihood for feedback

Closes #25270

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2023-12-05 08:57:52 +01:00
Michal Hajas
d387f13525
Add tests for lb-check endpoint 
Added documentation why the check retries and updated outdated docs

Closes #25113

Signed-off-by: Michal Hajas <mhajas@redhat.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
 2023-12-04 08:53:37 +01:00
Michal Hajas
cafc238ff2
Add documentation for lb-check 
Closes #25077

Signed-off-by: Michal Hajas <mhajas@redhat.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
 2023-11-30 12:47:06 +00:00
Steven Hawkins
8c3df19722
feature: add option for creating a global truststore (#24473) 
closes #24148

Co-authored-by: Václav Muzikář <vaclav@muzikari.cz>
Co-authored-by: Martin Bartoš <mabartos@redhat.com>
 2023-11-30 08:57:17 +01:00
Alexander Schwartz
dd5b9b1c36
Fix cross-links in guides and remove unprocessed content in include (#25126) 
Closes #25090

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2023-11-30 08:17:23 +01:00
rmartinc
16afecd6b4 Allow automatic download of SAML certificates in the identity provider 
Closes https://github.com/keycloak/keycloak/issues/24424

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2023-11-29 18:03:31 +01:00