Commit graph

22207 commits

Author SHA1 Message Date
Jon Koops
29f9523646
Ensure RegisterTest runs in Chrome and Firefox (#21036) 2023-06-16 08:00:04 -04:00
Martin Bartoš
c6995f5ded Save ~2s for Keycloak startup in the testsuite
Relates to #21033
2023-06-16 10:47:28 +02:00
Sharif Rezvani
365fb34df4
Adding a list of translated texts, to check the right path (#19747)
* Adding a list of translated texts, to check the right path

* added some more translation files

* fixed issues with farsi translations

* added locale_fa in other languages

* added some missing translations
2023-06-15 16:25:13 -04:00
Azarchaniel
a0917cdeae
Changed the email message so it shows properly formatted time (e.g. 7 days instead of 10080 minutes); Also I found missing double quote in line 9 and fixed it; (#21035) (#21037) 2023-06-15 14:19:10 -04:00
Jon Koops
651a7f29fc
Promote Account Console v3 to preview (#20969) 2023-06-15 12:24:01 -04:00
Jon Koops
808988fe20
Update dependencies to latest version (#21002) 2023-06-15 11:46:41 +02:00
Martin Bartoš
c3000984db
Upgrade to Quarkus 3.1.1.Final (#20958)
Co-authored-by: Bruno Oliveira da Silva <bruno@abstractj.com>
2023-06-14 08:51:38 -03:00
Erik Jan de Wit
c87f9a0686
move jumplinks to the top if there no room (#20952)
fixes: #20951
2023-06-14 11:10:21 +02:00
Alexander Schwartz
f0f664dbb5 Prevent NPE on close() if postInit() hasn't been called
Closes #20977
2023-06-14 10:50:12 +02:00
Erik Jan de Wit
c0ac409974
fixed pagination on the sessions tab (#20865)
* fixed pagination on the sessions tab

fixes: #20835

* changed to use steam
2023-06-14 08:25:27 +00:00
Erik Jan de Wit
30a0c31153
remove attributes form when use profile enabled (#20923)
When user profile is activated the attributes tab is useless

towards fixing: #20837
2023-06-14 08:02:12 +02:00
Jon Koops
72af6a0454
Enable Dependabot for PNPM (#20975) 2023-06-14 07:24:27 +02:00
Alexander Schwartz
e410a76c42 Avoid caching the list of clientscopes in two places
Closes #20426

Co-authored-by: Martin Kanis <mkanis@redhat.com>
2023-06-13 21:33:21 +02:00
Jon Koops
c998193797
Pass client id for Account and Admin consoles through environment (#20961) 2023-06-13 16:29:37 +00:00
Stan Silvert
e4cc7825f3
Restore feature flags and hidden menu items. (#20912)
Fixes #19683
2023-06-13 10:16:41 -04:00
Steve Hawkins
7e2565c9fe using multiple SchemaSwap annotations instead of the schell script
Closes #10736
2023-06-13 06:00:28 -03:00
rmartinc
ecf52285bc Simplify TokenManager expiration calculations using SessionExpirationUtils
Closes https://github.com/keycloak/keycloak/issues/20794
2023-06-13 10:09:47 +02:00
Bruno Oliveira da Silva
f90536d6be
High severity - Use of a Broken or Risky Cryptographic Algorithm vulnerability in org.bitbucket.b_c:jose4j (#20632)
Closes #20631
2023-06-13 08:22:50 +02:00
Pedro Igor
af975d20f1 Avoid iterating indefinetly when checking CRLs
Closes #20725
2023-06-12 17:50:16 +02:00
Steve Hawkins
c1e96564dc Removes the check for full readiness of 3 replicas
In the ci environment the amount of time between 3 pods being created
and all being ready seems highly variable.  Also since we currently lack
the status information to determine if a deployment is not progressing,
it's best just to remove this check.  The latter check asserting full
readiness of 2 replicas will suffice.

Closes #20888
2023-06-12 12:34:48 -03:00
vramik
535bba5792 Update UserQueryProvider methods
Closes #20438
2023-06-12 16:04:26 +02:00
Arnaud Martin
ae5a47d548 Impossible to update a federated user credential label
Closes #16613
2023-06-12 15:39:52 +02:00
Andreas Blättlinger
35736b86ae
User Attribute Search (#19574)
Co-authored-by: Andreas Blaettlinger <bln1imb@bosch.com>
2023-06-12 14:17:54 +02:00
Jon Koops
79ff5ded63
Make "Personal Info" the default index route (#20887) 2023-06-12 14:10:26 +02:00
Alexander Schwartz
9425432f2c Handle HTTP response codes when retrieving data from remote endpoints
Closes #20895
2023-06-12 13:37:59 +02:00
Alexander Schwartz
475b4fa05b
Remove override of mime4j version in parent pom (#20893)
Closes #20892

Co-authored-by: Stian Thorgersen <stianst@gmail.com>
2023-06-12 13:23:41 +02:00
Martin Kanis
5730b54ac7 keycloak-server from testsuite won't start
Closes #20920
2023-06-12 13:22:21 +02:00
rmartinc
f3fcf1f8c5 Session cross-reference / transaction mismatch
Closes https://github.com/keycloak/keycloak/issues/20855
2023-06-12 13:18:39 +02:00
Erik Jan de Wit
4b3733de2e
little wrapper around the time selector (#20881)
this makes it easier to use
2023-06-12 12:53:29 +02:00
Erik Jan de Wit
c771890da8
added test saml advanced tab (#20880) 2023-06-12 12:52:45 +02:00
Erik Jan de Wit
9c9cd4cf21
increased policy row with (#20816)
fixes: #20674
2023-06-12 12:51:37 +02:00
Erik Jan de Wit
e750ad71de
added fix for url encoded paths (#20813)
fixes: #20782
2023-06-12 12:51:19 +02:00
Erik Jan de Wit
911663b65c
use admin client instead of fetch (#20774) 2023-06-12 12:50:53 +02:00
Erik Jan de Wit
db315b59f6
use ui ext groups endpoint (#20772)
so that we have filtering for fine grained groups
fixes: https://github.com/keycloak/keycloak/issues/19655#issuecomment-1573350358
2023-06-12 12:50:26 +02:00
Erik Jan de Wit
a61b1e7fb2
use id instead of name (#20717)
fixes: #20694
2023-06-12 12:50:03 +02:00
Erik Jan de Wit
8d2dbbe6ad
added missing "allow ecp flow" field (#20713)
fixes: #20673
2023-06-12 12:46:03 +02:00
Vlasta Ramik
ed473da22b
Clean-up of deprecated methods and interfaces
Fixes #20877

Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
2023-06-09 17:11:20 +00:00
Rinus Wiskerke
fbfdb54745
Strip rotated client secret from export json (#19394)
Closes #19373
2023-06-09 10:46:28 +02:00
André
fbb758216f
Fixes the links to the REST api documentation (#20858)
Closes #20700
2023-06-08 14:11:52 -04:00
Steven Hawkins
91a3ab6b87
expands the status handling to account for the prior status (#20856)
Closes #20853
2023-06-08 17:09:39 +02:00
rmartinc
61968bf747 Use OIDCAttributeMapperHelper.mapClaim in the GroupMembershipMapper
Closes https://github.com/keycloak/keycloak/issues/19767
2023-06-08 11:12:24 -03:00
Réda Housni Alaoui
eb9bb281ec Require user to agree to 'terms and conditions' during registration 2023-06-08 10:39:00 -03:00
Marek Posolda
8080085cc1
Removing 'http challenge' authentication flow and related authenticators (#20731)
closes #20497


Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
2023-06-08 14:52:34 +02:00
Alexander Schwartz
4d0fa6796f
Upgrade to Infinispan 14.0.10.Final (#20804)
Closing #20803
2023-06-08 10:43:22 +02:00
Hynek Mlnarik
12dd3edb10 Fix pagination issue with H6
With Hibernate ORM 6, pagination started to be unreliable: When
setting the max results only if the first row was 0 has randomly
affected other threads where first row was greater than 0. The
latter thread sometimes produced query which did *not* account
for the offset (cf. threads `-t1` and `-t2` below, while `-t2`
missed the `offset ? rows` part whic `-t3` has).

This has been fixed by setting the first row offset unconditionally.

Closes: #20202
Closes: #16570

```
2023-06-02 10:19:03.855000 TRACE [org.keycloak.models.sessions.infinispan.initializer.SessionInitializerWorker] (blocking-thread-node-2-p8-t1) Running computation for segment 0 with worker 0
2023-06-02 10:19:03.856000 TRACE [org.keycloak.models.sessions.infinispan.initializer.OfflinePersistentUserSessionLoader] (blocking-thread-node-2-p8-t1) Loading sessions for segment=0 lastSessionId=00000000-0000-0000-0000-000000000000 first=0
2023-06-02 10:19:03.856000 DEBUG [org.keycloak.models.jpa.PaginationUtils] (blocking-thread-node-2-p8-t1) Set max to 64 in org.hibernate.query.sqm.internal.QuerySqmImpl@2fb60f8b
2023-06-02 10:19:03.856000 DEBUG [org.keycloak.models.jpa.PaginationUtils] (blocking-thread-node-2-p8-t1) After pagination: 0, 64
2023-06-02 10:19:03.857000 TRACE [org.keycloak.models.sessions.infinispan.initializer.SessionInitializerWorker] (blocking-thread-node-2-p8-t2) Running computation for segment 1 with worker 1
2023-06-02 10:19:03.857000 TRACE [org.keycloak.models.sessions.infinispan.initializer.OfflinePersistentUserSessionLoader] (blocking-thread-node-2-p8-t2) Loading sessions for segment=1 lastSessionId=00000000-0000-0000-0000-000000000000 first=64
2023-06-02 10:19:03.857000 TRACE [org.keycloak.models.sessions.infinispan.initializer.SessionInitializerWorker] (blocking-thread-node-2-p8-t3) Running computation for segment 2 with worker 2
2023-06-02 10:19:03.857000 DEBUG [org.keycloak.models.jpa.PaginationUtils] (blocking-thread-node-2-p8-t2) Set first to 64 in org.hibernate.query.sqm.internal.QuerySqmImpl@71464e9f
2023-06-02 10:19:03.857000 DEBUG [org.keycloak.models.jpa.PaginationUtils] (blocking-thread-node-2-p8-t2) Set max to 64 in org.hibernate.query.sqm.internal.QuerySqmImpl@71464e9f
2023-06-02 10:19:03.857000 DEBUG [org.keycloak.models.jpa.PaginationUtils] (blocking-thread-node-2-p8-t2) After pagination: 64, 64
2023-06-02 10:19:03.857000 TRACE [org.keycloak.models.sessions.infinispan.initializer.OfflinePersistentUserSessionLoader] (blocking-thread-node-2-p8-t3) Loading sessions for segment=2 lastSessionId=00000000-0000-0000-0000-000000000000 first=128
10:19:03,859 DEBUG [org.hibernate.SQL] (blocking-thread-node-2-p8-t1)
    select
        p1_0.OFFLINE_FLAG,
        p1_0.USER_SESSION_ID,
        p1_0.CREATED_ON,
        p1_0.DATA,
        p1_0.LAST_SESSION_REFRESH,
        p1_0.REALM_ID,
        p1_0.USER_ID
    from
        OFFLINE_USER_SESSION p1_0,
        REALM r1_0
    where
        r1_0.ID=p1_0.REALM_ID
        and p1_0.OFFLINE_FLAG=?
        and p1_0.USER_SESSION_ID>?
    order by
        p1_0.USER_SESSION_ID fetch first ? rows only
10:19:03,859 DEBUG [org.hibernate.SQL] (blocking-thread-node-2-p8-t2)
    select
        p1_0.OFFLINE_FLAG,
        p1_0.USER_SESSION_ID,
        p1_0.CREATED_ON,
        p1_0.DATA,
        p1_0.LAST_SESSION_REFRESH,
        p1_0.REALM_ID,
        p1_0.USER_ID
    from
        OFFLINE_USER_SESSION p1_0,
        REALM r1_0
    where
        r1_0.ID=p1_0.REALM_ID
        and p1_0.OFFLINE_FLAG=?
        and p1_0.USER_SESSION_ID>?
    order by
        p1_0.USER_SESSION_ID fetch first ? rows only
2023-06-02 10:19:03.860000 TRACE [org.hibernate.orm.jdbc.bind] (blocking-thread-node-2-p8-t1) binding parameter [1] as [VARCHAR] - [1]
2023-06-02 10:19:03.860000 TRACE [org.hibernate.orm.jdbc.bind] (blocking-thread-node-2-p8-t1) binding parameter [2] as [VARCHAR] - [00000000-0000-0000-0000-000000000000]
2023-06-02 10:19:03.860000 TRACE [org.hibernate.orm.jdbc.bind] (blocking-thread-node-2-p8-t1) binding parameter [3] as [INTEGER] - [64]
10:19:03,860 DEBUG [org.hibernate.SQL] (blocking-thread-node-2-p8-t3)
    select
        p1_0.OFFLINE_FLAG,
        p1_0.USER_SESSION_ID,
        p1_0.CREATED_ON,
        p1_0.DATA,
        p1_0.LAST_SESSION_REFRESH,
        p1_0.REALM_ID,
        p1_0.USER_ID
    from
        OFFLINE_USER_SESSION p1_0,
        REALM r1_0
    where
        r1_0.ID=p1_0.REALM_ID
        and p1_0.OFFLINE_FLAG=?
        and p1_0.USER_SESSION_ID>?
    order by
        p1_0.USER_SESSION_ID offset ? rows fetch first ? rows only
2023-06-02 10:19:03.861000 TRACE [org.hibernate.orm.jdbc.bind] (blocking-thread-node-2-p8-t3) binding parameter [3] as [INTEGER] - [128]
2023-06-02 10:19:03.861000 TRACE [org.hibernate.orm.jdbc.bind] (blocking-thread-node-2-p8-t3) binding parameter [4] as [INTEGER] - [64]
```

Co-authored-by: mkanis <mkanis@redhat.com>
2023-06-07 20:45:34 +02:00
Miquel Simon
7e95d57faa Add Migration Tests to CI workflow 2023-06-07 19:43:48 +02:00
Steven Hawkins
075d913037
enabling keycloak to be a scalable resource (#20828)
Closes #20825
2023-06-07 17:57:25 +02:00
Saman-jafari
31db84e924 fix: issuedFor added to token to get client id into the token also redirect uri added to token and then passed to info template for "back to application" functionality
test also added to check the availability of issueFor(azp) and redirect uri in Action
Fixes #14860
Fixes #15136
2023-06-07 12:19:46 -03:00
Zvi Grinberg
ace83231ee Update RegexPolicyTest.java
Add forgotten imports
2023-06-07 10:18:10 -03:00
Zvi Grinberg
b29ce53f6e Fix bug in regex policy evaluation that it ignored flatted user claims that are mapped by protocol mappers to complex JSON structure in access token( in the access token JWT it's key and value is a JSON by itself)
fixes: #20436
Signed-off-by: Zvi Grinberg <zgrinber@redhat.com>
2023-06-07 10:18:10 -03:00