libre.sh/keycloak-scim
2
0
Fork 0
Code Issues 14 Pull requests Releases Packages Activity Actions 6
25324 commits 4 branches 5 tags 480 MiB
Commit graph

4637 commits

Author SHA1 Message Date
Takashi Norimatsu
6b135ff6e7 client-jwt authentication fails on Token Introspection Endpoint 
closes #30599

Signed-off-by: Takashi Norimatsu <takashi.norimatsu.ws@hitachi.com>
 2024-06-21 10:47:25 +02:00
Pedro Igor
a0ad680346 Adding an alias to organization and exposing them to templates 
Closes #30312
Closes #30313

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2024-06-20 14:36:14 -03:00
Giuseppe Graziano
6b07b67667 Removed saml filter adapter tests 
Closes #30553

Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>
 2024-06-20 09:42:59 +02:00
Pedro Ruivo
5fc12480fd External Infinispan as cache - Part 4 (#30072) 
UserSessionProvider implementation to make use of Infinispan remote
cache.

Closes #28755

Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
 2024-06-19 14:47:57 +02:00
Pedro Ruivo
9006218559 External Infinispan as cache - Part 3 
Implementation of UserLoginFailureProvider using remote caches only.

Closes #28754

Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
 2024-06-19 14:47:57 +02:00
Pedro Ruivo
833aad661e External Infinispan as cache - Part 2 
Includes a new implementation for the providers:

* StickySessionEncoderProviderFactory
* LoadBalancerCheckProviderFactory
* SingleUseObjectProviderFactory

Closes #28648

Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
 2024-06-19 14:47:57 +02:00
Martin Kanis
dc109381e1 Refactor organization tests 
Closes #30338

Signed-off-by: Martin Kanis <mkanis@redhat.com>
 2024-06-19 09:34:24 -03:00
Martin Kanis
89f83e9788 Importing organizations failing if there is no broker and members in the representation 
Closes #30305

Signed-off-by: Martin Kanis <mkanis@redhat.com>
 2024-06-19 08:46:04 -03:00
Pedro Igor
57139cbefc Internal read-only attributes have precedence over unmanaged attribute policy 
Closes #30240

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2024-06-19 12:05:01 +02:00
Giuseppe Graziano
24aa6e143d
REALM_CLIENT attribute to recognize realm clients (#30433) 
Closes #29413

Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>
 2024-06-19 10:22:13 +02:00
Stefan Guilhen
db846a792d Set a time of 23:59:59:999 in JpaEventQuery.toDate so that events from that date are properly returned in searches 
Closes #30414

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
 2024-06-18 13:14:28 -03:00
Francis Pouatcha
d4797e04a2
Enhance SupportedCredentialConfiguration to support optional claims object as defined in OpenID for Verifiable Credential Issuance specification (#30420) 
closes #30419 

Signed-off-by: Francis Pouatcha <francis.pouatcha@adorsys.com>
 2024-06-18 17:07:49 +02:00
rmartinc
fc65c73106 Upgrade adapters test to use wildfly 28 (jakarta only) via maven plugin 
Closes #30324

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2024-06-18 15:40:59 +02:00
rmartinc
38d8cf2cb3 Add UPDATE event to the client-roles condition 
Closes #30284

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2024-06-18 15:30:42 +02:00
Martin Bartoš
5ad3abaa96
Enable WebAuthn tests for Firefox (#30374) 
Closes #22075

Signed-off-by: Martin Bartoš <mabartos@redhat.com>
 2024-06-18 10:36:01 +02:00
rmartinc
c51640546d Improvements for ldap test authentication 
Closes #30434

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2024-06-15 10:01:24 +02:00
Thibault Morin
f6fa869b12
feat(SAML): add Artifact Binding on brokering scenarios when Keycloak is SP (#29619) 
* feat: add Artifact Binding on brokering scenarios when Keycloak is SP

Signed-off-by: tmorin <git@morin.io>

* Adding broker test and minor improvements

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>

* Fixing IdentityProviderTest

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>

* Renaming methods related to idp initiated flows

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>

* Fixing partial_import_test.spec.ts

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>

---------

Signed-off-by: tmorin <git@morin.io>
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>
 2024-06-14 08:54:49 -03:00
Pedro Ruivo
18a6c79011
Infinispan Protostream Marshaller (#29474) 
Closes #29394

Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
 2024-06-13 18:02:46 +02:00
Lukas Hanusovsky
ca0833b2e4
[#29412] DB Allocator removal - dependency cleanup. (#30406) 
Signed-off-by: Lukas Hanusovsky <lhanusov@redhat.com>
 2024-06-13 13:31:52 +00:00
vramik
de2fdbe98f cache count 
Signed-off-by: vramik <vramik@redhat.com>
 2024-06-13 08:13:36 -03:00
vramik
d355e38424 Provide a cache layer for the organization model 
Closes #30087

Signed-off-by: vramik <vramik@redhat.com>
 2024-06-13 08:13:36 -03:00
Alfredo Moises Boullosa
a5cd6ed965 Add step to Google Social Login (#30335) 
Signed-off-by: Alfredo Moises Boullosa <aboullos@redhat.com>
 2024-06-12 17:27:02 +02:00
Stefan Guilhen
c49b5749ef Fix GroupLDAPStorageMapper so it doesn't attempt to update a group fetched in a different tx when synchronizing groups from LDAP 
Closes #29784

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
 2024-06-12 10:42:21 -03:00
Martin Kanis
ae69b3b260 Introduce packages for organization tests 
Closes #30337

Signed-off-by: Martin Kanis <mkanis@redhat.com>
 2024-06-12 10:02:06 -03:00
rmartinc
7d42ab822b Remove adapter app-server-undertow profile which is not used 
Closes #30347

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2024-06-12 14:40:06 +02:00
Patrick Jennings
75925dcf6c
Client type configuration inheritance (#30056) 
closes #30213 

Signed-off-by: Patrick Jennings <pajennin@redhat.com>
 2024-06-10 18:59:08 +02:00
rmartinc
7d05a7a013 Logout from all clients after IdP logout is performed 
Closes #25234

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2024-06-10 11:58:09 -03:00
Giuseppe Graziano
6067f93984
Improvements to refresh token rotation with multiple tabs (#29966) 
Closes #14122

Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>
 2024-06-07 12:02:36 +02:00
Steven Hawkins
c7e9ee2bff
fix: adds handling for all kcadm prompts as env variables (#29430) 
closes: #21961

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
 2024-06-06 13:08:23 +00:00
Bruno Oliveira da Silva
f34baf3c24
Update license headers (#29942) 
Signed-off-by: Bruno Oliveira da Silva <bruno@abstractj.com>
 2024-06-06 14:06:09 +02:00
Alexander Schwartz
97ab0def2c Adding ForkJoinPool for Quarkus to the surefire initialization for embedded Quarkus 
Closes #30206

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2024-06-06 12:52:11 +02:00
Pedro Igor
94c194f1f4 Prevent users to unlink from their home identity provider when they are a managed member 
Closes #30092

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>

Co-authored-by: Vlasta Ramik <vramik@users.noreply.github.com>
 2024-06-05 13:57:01 +02:00
mposolda
0bf613782f Updating client policies in JSON editor is buggy. Attempt to update global client policies should throw the error 
closes #30102

Signed-off-by: mposolda <mposolda@gmail.com>
 2024-06-05 13:55:02 +02:00
rmartinc
eedfd0ef51 Missing auth checks in some admin endpoints (#166) 
Closes keycloak/keycloak-private#156

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2024-06-05 12:04:47 +02:00
Giuseppe Graziano
d5e82356f9 Encrypted KC_RESTART cookie and removed sensitive notes 
Closes #keycloak/keycloak-private#162

Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>
 2024-06-05 10:33:44 +02:00
Pedro Igor
f8d55ca7cd Export import realm with organizations 
Closes #30006

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2024-06-05 09:50:03 +02:00
Martin Kanis
33331788a4 Introduce count method to avoid fetching all organization upon checking for existence 
Closes #29697

Signed-off-by: Martin Kanis <mkanis@redhat.com>
 2024-06-04 10:45:28 -03:00
Martin Kanis
173f09fa6b Malformed dependency version causing the build failure 
Closes #30134

Signed-off-by: Martin Kanis <mkanis@redhat.com>
 2024-06-04 13:44:14 +02:00
Thomas Darimont
35a4a17aa5
Add support for application/jwt media-type in token introspection (#29842) 
Fixes #29841

Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>
 2024-06-03 19:06:21 +02:00
Martin Bartoš
262fc09edc
OpenJDK 21 support (#28518) 
* OpenJDK 21 support

Closes #28517

Co-authored-by: Václav Muzikář <vaclav@muzikari.cz>
Signed-off-by: Martin Bartoš <mabartos@redhat.com>

* x509 SAN UPN other name is not handled in JDK 21 (#904)

closes #29968

Signed-off-by: mposolda <mposolda@gmail.com>

---------

Signed-off-by: Martin Bartoš <mabartos@redhat.com>
Signed-off-by: mposolda <mposolda@gmail.com>
Co-authored-by: Václav Muzikář <vaclav@muzikari.cz>
Co-authored-by: Marek Posolda <mposolda@gmail.com>
 2024-06-03 14:17:28 +02:00
mposolda
9074696382 Editing built-in client policy profiles are silently reverted 
closes #27184

Signed-off-by: mposolda <mposolda@gmail.com>
 2024-06-03 14:00:37 +02:00
Pedro Igor
4c39fcc79d Allow to configure if users are automatically redirected when the email domain matches an organization 
Closes #30050

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2024-06-03 13:34:21 +02:00
raff897
6d6131cade Backchannel logout url with curly brackets 
closes #30023

Signed-off-by: raff897 <85362193+raff897@users.noreply.github.com>
 2024-06-03 09:51:39 +02:00
Ricardo Martin
0cd0d03c08
Remove all adapter-core code moved to util (#30012) 
* Remove all tests that are only executed for undertow app server
* Remove installation steps for OIDC adapter in wildfly/eap app server
* Remove the util adapters package except HttpClientBuilder
* Remove HttpClientBuilder and use plain apache http client
Closes #29912

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2024-06-03 09:28:02 +02:00
Pedro Ruivo
ad32f8bdbc
auth-server-feature does not work for auth-server-quarkus-embedded (#30045) 
Fixes #29259

Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
 2024-06-03 08:47:52 +02:00
rmartinc
068ce5a61f Modify xpath for account console logout in the webauthn tests 
Closes #30024

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2024-05-31 15:14:35 +02:00
Stefan Wiedemann
0f6f9543ba
Add oid4vci to the account console (#29174) 
closes #25945

Signed-off-by: Stefan Wiedemann <wistefan@googlemail.com>


Co-authored-by: Erik Jan de Wit <edewit@redhat.com>
Co-authored-by: Jon Koops <jonkoops@gmail.com>
 2024-05-31 15:11:32 +02:00
Patrick Jennings
5144f8d85f
Improve Client Type Integration Tests (#29944) 
closes #30017

Signed-off-by: Patrick Jennings <pajennin@redhat.com>
 2024-05-31 09:53:22 +02:00
Andrejs Mivreniks
1cf87407fe Allow setting authentication flow execution priority value via Admin API 
Closes #20747

Signed-off-by: Andrejs Mivreniks <andrejs@fastmail.com>
 2024-05-30 19:17:45 +02:00
Martin Bartoš
3f49036192
Unify approach for WebAuthn tests (#29781) 
Closes #29780

Signed-off-by: Martin Bartoš <mabartos@redhat.com>
 2024-05-30 14:21:27 +02:00