Commit graph

139 commits

Author SHA1 Message Date
Thomas Darimont
e41ca1f579
Revise help icons for WebauthnPolicy settings (#34465) (#34466)
- Add missing icons with help labels
- Use correct help text for webAuthnPolicyCreateTimeout

Fixes #34465

Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>
2024-10-30 10:32:14 +01:00
Erik Jan de Wit
27677a0432
fixed key of policy group help (#34332)
fixes: #33618

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
2024-10-29 08:31:16 -04:00
Agnieszka Gancarczyk
09e3784f84
Added Memberships Modal (#33433)
* added MembershipsModal and fixed minor css issues

Signed-off-by: Agnieszka Gancarczyk <agagancarczyk@gmail.com>

* added test

Signed-off-by: Agnieszka Gancarczyk <agagancarczyk@gmail.com>

* improved test

Signed-off-by: Agnieszka Gancarczyk <agagancarczyk@gmail.com>

---------

Signed-off-by: Agnieszka Gancarczyk <agagancarczyk@gmail.com>
2024-10-29 08:27:09 -04:00
Gilvan Filho
c4005d29f0 add linear strategy to brute force
closes #25917

Signed-off-by: Gilvan Filho <gilvan.sfilho@gmail.com>
2024-10-22 10:33:22 -03:00
Stefan Guilhen
8581886944 Add validation for role and time policies
Closes #28978

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
2024-10-21 15:51:38 -03:00
Simon Levermann
dcf1d83199
Enable enforcement of a minimum ACR at the client level (#16884) (#33205)
closes #16884 

Signed-off-by: Simon Levermann <github@simon.slevermann.de>
2024-10-21 13:54:02 +02:00
mposolda
dbcb3151a9 Align admin console for client for backchannel and frontchannel logout
closes #10138

Signed-off-by: mposolda <mposolda@gmail.com>

Co-authored-by: Erik Jan de Wit <edewit@redhat.com>
Signed-off-by: Marek Posolda <mposolda@gmail.com>
2024-10-21 11:32:03 +02:00
Jon Koops
05e8b932c3
Add dark mode support to welcome theme and unify approach (#32495)
Closes #26178

Signed-off-by: Jon Koops <jonkoops@gmail.com>
Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
Co-authored-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
2024-10-04 08:27:37 -04:00
Maksim Zvankovich
35eba8be8c Add option to include the organization id in the organization claims
Closes #32746

Signed-off-by: Maksim Zvankovich <m.zvankovich@nexovagroup.eu>
Co-authored-by: Stefan Guilhen <sguilhen@redhat.com>
2024-10-03 08:11:36 -03:00
Jon Koops
aacdf80664
Add shim for Web Crypto API to admin and account console (#33480)
Closes #33330

Signed-off-by: Jon Koops <jonkoops@gmail.com>
2024-10-03 10:51:23 +00:00
vramik
c1653448f3 [Organizations] Allow orgs to define the redirect URL after user registers or accepts invitation link
Closes #33201

Signed-off-by: vramik <vramik@redhat.com>
2024-10-02 07:37:48 -03:00
Agnieszka Gancarczyk
b624b6701b
Removed duplicate key (#33391)
Signed-off-by: Agnieszka Gancarczyk <agagancarczyk@gmail.com>
2024-09-30 13:11:28 +00:00
Agnieszka Gancarczyk
805a92adbf
Duplicating groups (#32454)
* Duplicating groups - wip

Signed-off-by: Agnieszka Gancarczyk <agagancarczyk@gmail.com>

* Duplicating groups - wip

Signed-off-by: Agnieszka Gancarczyk <agagancarczyk@gmail.com>

* Duplicating groups - wip

Signed-off-by: Agnieszka Gancarczyk <agagancarczyk@gmail.com>

* Duplicating groups - wip

Signed-off-by: Agnieszka Gancarczyk <agagancarczyk@gmail.com>

* Duplicating groups - wip

Signed-off-by: Agnieszka Gancarczyk <agagancarczyk@gmail.com>

* Duplicating groups - wip

Signed-off-by: Agnieszka Gancarczyk <agagancarczyk@gmail.com>

* Duplicating groups - wip

Signed-off-by: Agnieszka Gancarczyk <agagancarczyk@gmail.com>

* Duplicating groups - enhancement

Signed-off-by: Agnieszka Gancarczyk <agagancarczyk@gmail.com>

* Duplicating groups - enhancement

Signed-off-by: Agnieszka Gancarczyk <agagancarczyk@gmail.com>

* Enhancements

Signed-off-by: Agnieszka Gancarczyk <agagancarczyk@gmail.com>

* Enhancements

Signed-off-by: Agnieszka Gancarczyk <agagancarczyk@gmail.com>

* Enhancements

Signed-off-by: Agnieszka Gancarczyk <agagancarczyk@gmail.com>

* Enhancements

Signed-off-by: Agnieszka Gancarczyk <agagancarczyk@gmail.com>

* improvements

Signed-off-by: Agnieszka Gancarczyk <agagancarczyk@gmail.com>

* improvements

Signed-off-by: Agnieszka Gancarczyk <agagancarczyk@gmail.com>

* improvements

Signed-off-by: Agnieszka Gancarczyk <agagancarczyk@gmail.com>

---------

Signed-off-by: Agnieszka Gancarczyk <agagancarczyk@gmail.com>
2024-09-27 13:25:09 +02:00
Stefan Guilhen
900c496ffe
Remove the kc.org.broker.public attribute and use hideOnLogin in the IDP instead
Closes #32209

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
Co-authored-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
2024-09-20 16:08:55 +02:00
Thomas Darimont
d5fb919dcd
Show OpenID4VCI Credential Issuer Metadata link in admin ui (#32968) (#32969)
Fixes #32968

Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>
2024-09-17 08:16:14 -04:00
Erik Jan de Wit
808883c34d
added filter to idp table and manage order (#32889)
* added filter to idp table and manage order

fixes: #32780
Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* Update js/apps/admin-ui/maven-resources/theme/keycloak.v2/admin/messages/messages_en.properties

Co-authored-by: Stefan Guilhen <sguilhen@redhat.com>
Signed-off-by: Erik Jan de Wit <edewit@redhat.com>

---------

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
Signed-off-by: Erik Jan de Wit <edewit@redhat.com>
Co-authored-by: Stefan Guilhen <sguilhen@redhat.com>
2024-09-16 13:34:29 +02:00
Alexander Schwartz
4d1e1e0bcb
Show details for error messages where they were missing (#32534)
Closes #32533

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Signed-off-by: Jon Koops <jonkoops@gmail.com>
Co-authored-by: Jon Koops <jonkoops@gmail.com>
2024-09-04 07:23:54 -04:00
Theresa Henze
a1c23fef8c introduce event types to update/remove credentials
Closes #10114

Signed-off-by: Theresa Henze <theresa.henze@bare.id>
2024-09-03 18:27:27 +02:00
Erik Jan de Wit
cd206b4dfe
added disable warning (#32414)
fixes: #30267

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
2024-09-03 15:06:11 +02:00
Erik Jan de Wit
fff5087d30
Add dark mode styling to account console (#32484)
Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
Signed-off-by: Jon Koops <jonkoops@gmail.com>
Co-authored-by: Jon Koops <jonkoops@gmail.com>
2024-08-29 14:13:02 +00:00
Erik Jan de Wit
c821ecb908 removed duplicate keys
fixes: #32425
Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
2024-08-28 14:34:40 -04:00
Pedro Igor
449557290b More options to organization scope mapper including adding organization attributes to tokens
Closes #31642

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2024-08-27 09:40:55 -03:00
Peter Zaoral
1b5fe5437a
Warnings for temporary admin user and service account (#31387)
* UI banner, labels and log messages are shown when temporary admin account is used
* added UI tests that check the elements' presence

Signed-off-by: Peter Zaoral <pzaoral@redhat.com>
Co-authored-by: Václav Muzikář <vaclav@muzikari.cz>
2024-08-21 09:30:24 +02:00
Erik Jan de Wit
7567506550 fixed message when sending an invite
Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
2024-08-20 11:11:14 -03:00
Pedro Igor
d8bb5087ed Adding sendInvite message
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2024-08-20 11:11:14 -03:00
Erik Jan de Wit
2b0392a3e8 added invite user dialog
Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
2024-08-20 11:11:14 -03:00
Erik Jan de Wit
e6dd8ac1c0 added join org modal
Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
2024-08-20 11:11:14 -03:00
Erik Jan de Wit
a3ffbb439d initial version organization table for users
Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
2024-08-20 11:11:14 -03:00
Erik Jan de Wit
862854bc29
better unset check (#32062)
* better unset check

fixes: #32059
Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* better explanation

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* fix min value

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* Steal some code from `react-hook-form`

Signed-off-by: Jon Koops <jonkoops@gmail.com>

---------

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
Signed-off-by: Jon Koops <jonkoops@gmail.com>
Co-authored-by: Jon Koops <jonkoops@gmail.com>
2024-08-16 14:56:45 +02:00
Yoshiyuki Tabata
cb6eb187ac Client Policy - Condition : Client - Client Attribute
Closes https://github.com/keycloak/keycloak/issues/31766

Signed-off-by: Yoshiyuki Tabata <yoshiyuki.tabata.jy@hitachi.com>
2024-08-14 09:56:56 +02:00
agagancarczyk
21d00704ae
removed unused help text (#31481)
Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>
2024-07-23 07:13:29 +02:00
Thomas Darimont
e79d10e71e
Add missing user event translations to admin-ui
Fixes #27677

Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
2024-07-12 10:04:57 +02:00
agagancarczyk
04f0304c44
fixed input type and help text for IDP SAML Certificate (#31193)
Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>
Co-authored-by: Agnieszka Gancarczyk <agancarc@redhat.com>
2024-07-10 12:54:26 +00:00
agagancarczyk
4924847676
Enhanced associated roles (#30968)
Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>
Co-authored-by: Agnieszka Gancarczyk <agancarc@redhat.com>
2024-07-01 14:38:42 +01:00
Erik Jan de Wit
ea0f569bd0
changed X to link to organization (#30648)
Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
2024-07-01 13:22:46 +02:00
jade
261bc41af2
messages: Correct {Client,Realm} Role prefix description to make sense (#30277)
It's unclear from the previous description that this field is used to
prepend things to the names in the token.

Signed-off-by: Jade Lovelace <software@lfcode.ca>
Co-authored-by: agagancarczyk <4890675+agagancarczyk@users.noreply.github.com>
2024-06-26 14:24:58 +01:00
agagancarczyk
b77a69ed18
added missing help text on tokens tab (#30686)
Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>
Co-authored-by: Agnieszka Gancarczyk <agancarc@redhat.com>
2024-06-24 11:39:26 +01:00
Pedro Igor
a0ad680346 Adding an alias to organization and exposing them to templates
Closes #30312
Closes #30313

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2024-06-20 14:36:14 -03:00
Jon Koops
77fb3c4dd4
Use correct host URL for Admin Console requests (#30535)
Closes #30432

Signed-off-by: Jon Koops <jonkoops@gmail.com>
2024-06-19 15:21:53 +02:00
Thibault Morin
f6fa869b12
feat(SAML): add Artifact Binding on brokering scenarios when Keycloak is SP (#29619)
* feat: add Artifact Binding on brokering scenarios when Keycloak is SP

Signed-off-by: tmorin <git@morin.io>

* Adding broker test and minor improvements

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>

* Fixing IdentityProviderTest

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>

* Renaming methods related to idp initiated flows

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>

* Fixing partial_import_test.spec.ts

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>

---------

Signed-off-by: tmorin <git@morin.io>
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>
2024-06-14 08:54:49 -03:00
Erik Jan de Wit
08ead04c43
added pagination to realm selector (#30219)
* added pagination to realm selector

fixes: #29978
Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* fix display name for recent and refresh on open

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

---------

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
2024-06-13 11:29:57 +02:00
Thomas Darimont
60ebce8d85 Add translation for oid4vc protocol name
Fixes #30286

Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>
2024-06-12 12:47:25 +02:00
Jon Koops
c7361ccf6e
Run the Vite dev server through the Keycloak server (#27311)
Closes #19750
Closes #28643
Closes #30115

Signed-off-by: Jon Koops <jonkoops@gmail.com>
2024-06-12 11:55:14 +02:00
mposolda
0bf613782f Updating client policies in JSON editor is buggy. Attempt to update global client policies should throw the error
closes #30102

Signed-off-by: mposolda <mposolda@gmail.com>
2024-06-05 13:55:02 +02:00
Thomas Darimont
35a4a17aa5
Add support for application/jwt media-type in token introspection (#29842)
Fixes #29841

Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>
2024-06-03 19:06:21 +02:00
mposolda
9074696382 Editing built-in client policy profiles are silently reverted
closes #27184

Signed-off-by: mposolda <mposolda@gmail.com>
2024-06-03 14:00:37 +02:00
hokuda
2a1b79d1fc Update RFC reference in subject: Likely typo RFC2553 -> RFC2253, Consider RFC4514
Closes #30068

Signed-off-by: hokuda <hisanobu.okuda@gmail.com>
2024-06-03 13:45:27 +02:00
Pedro Igor
4c39fcc79d Allow to configure if users are automatically redirected when the email domain matches an organization
Closes #30050

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2024-06-03 13:34:21 +02:00
Erik Jan de Wit
f088b0009c
initial ui for organizations (#29643)
* initial screen

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* more screens

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* added members tab

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* added the backend

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* added member add / invite models

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* initial version of the identity provider section

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* add link and unlink providers

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* small fix

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* PR comments

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* Do not validate broker domain when the domain is an empty string

Closes #29759

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* added filter and value

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* added test

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* added first name last name

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* refresh menu when realm organization is changed

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* changed to record

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* changed to form data

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* fixed lint error

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* Changing name of invitation parameters

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* Chancing name of parameters on the client

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* Enable organization at the realm before running tests

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* Domain help message

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* Handling model validation errors when creating organizations

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* Message key for organizationDetails

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* Do not change kc.org attribute on group

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* add realm into the context

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* tests

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* Changing button in invitation model to use Send instead of Save

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* Better message when validating the organization domain

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* Fixing compilation error after rebase

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* fixed test

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* removed wait as it no longer required and skip flacky test

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* skip tests that are flaky

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* stabilize user create test

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

---------

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>
2024-05-29 14:34:02 +02:00
Pedro Igor
bbb83236f5 Do not lower-case the username from the IdP when creating the federated identity
Closes #28495

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2024-05-29 01:58:20 -03:00