Commit graph

98 commits

Author SHA1 Message Date
Jon Koops
77fb3c4dd4
Use correct host URL for Admin Console requests (#30535)
Closes #30432

Signed-off-by: Jon Koops <jonkoops@gmail.com>
2024-06-19 15:21:53 +02:00
Thibault Morin
f6fa869b12
feat(SAML): add Artifact Binding on brokering scenarios when Keycloak is SP (#29619)
* feat: add Artifact Binding on brokering scenarios when Keycloak is SP

Signed-off-by: tmorin <git@morin.io>

* Adding broker test and minor improvements

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>

* Fixing IdentityProviderTest

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>

* Renaming methods related to idp initiated flows

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>

* Fixing partial_import_test.spec.ts

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>

---------

Signed-off-by: tmorin <git@morin.io>
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>
2024-06-14 08:54:49 -03:00
Erik Jan de Wit
08ead04c43
added pagination to realm selector (#30219)
* added pagination to realm selector

fixes: #29978
Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* fix display name for recent and refresh on open

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

---------

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
2024-06-13 11:29:57 +02:00
Thomas Darimont
60ebce8d85 Add translation for oid4vc protocol name
Fixes #30286

Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>
2024-06-12 12:47:25 +02:00
Jon Koops
c7361ccf6e
Run the Vite dev server through the Keycloak server (#27311)
Closes #19750
Closes #28643
Closes #30115

Signed-off-by: Jon Koops <jonkoops@gmail.com>
2024-06-12 11:55:14 +02:00
mposolda
0bf613782f Updating client policies in JSON editor is buggy. Attempt to update global client policies should throw the error
closes #30102

Signed-off-by: mposolda <mposolda@gmail.com>
2024-06-05 13:55:02 +02:00
Thomas Darimont
35a4a17aa5
Add support for application/jwt media-type in token introspection (#29842)
Fixes #29841

Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>
2024-06-03 19:06:21 +02:00
mposolda
9074696382 Editing built-in client policy profiles are silently reverted
closes #27184

Signed-off-by: mposolda <mposolda@gmail.com>
2024-06-03 14:00:37 +02:00
hokuda
2a1b79d1fc Update RFC reference in subject: Likely typo RFC2553 -> RFC2253, Consider RFC4514
Closes #30068

Signed-off-by: hokuda <hisanobu.okuda@gmail.com>
2024-06-03 13:45:27 +02:00
Pedro Igor
4c39fcc79d Allow to configure if users are automatically redirected when the email domain matches an organization
Closes #30050

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2024-06-03 13:34:21 +02:00
Erik Jan de Wit
f088b0009c
initial ui for organizations (#29643)
* initial screen

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* more screens

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* added members tab

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* added the backend

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* added member add / invite models

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* initial version of the identity provider section

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* add link and unlink providers

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* small fix

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* PR comments

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* Do not validate broker domain when the domain is an empty string

Closes #29759

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* added filter and value

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* added test

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* added first name last name

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* refresh menu when realm organization is changed

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* changed to record

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* changed to form data

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* fixed lint error

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* Changing name of invitation parameters

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* Chancing name of parameters on the client

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* Enable organization at the realm before running tests

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* Domain help message

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* Handling model validation errors when creating organizations

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* Message key for organizationDetails

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* Do not change kc.org attribute on group

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* add realm into the context

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* tests

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* Changing button in invitation model to use Send instead of Save

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* Better message when validating the organization domain

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* Fixing compilation error after rebase

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* fixed test

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* removed wait as it no longer required and skip flacky test

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* skip tests that are flaky

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* stabilize user create test

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

---------

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>
2024-05-29 14:34:02 +02:00
Pedro Igor
bbb83236f5 Do not lower-case the username from the IdP when creating the federated identity
Closes #28495

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2024-05-29 01:58:20 -03:00
Thomas Darimont
ab376d9101 Make required actions configurable (#28400)
- Add tests for crud operations on configurable required actions
- Add support exposing the required action configuration via RequiredActionContext
- Make configSaveError message reusable in other contexts
- Introduced admin-ui specific endpoint for retrieving required actions with config metadata

Fixes #28400

Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>
Co-authored-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
2024-05-23 08:38:36 +02:00
vramik
278341aff9 Add organizations enabled/disabled capability
Closes #28804

Signed-off-by: vramik <vramik@redhat.com>
2024-05-22 07:58:26 -03:00
秉虎
82ae047231
Update KeysListTab.tsx (#29337)
* Update KeysListTab.tsx

Signed-off-by: 秉虎 <s96016641@gmail.com>

* added missing singular key

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

---------

Signed-off-by: 秉虎 <s96016641@gmail.com>
Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
Co-authored-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
2024-05-21 13:56:57 +02:00
mposolda
bb5f308e1d Translations for loa-condition-level and loa-max-age
closes #29738

Signed-off-by: mposolda <mposolda@gmail.com>
2024-05-21 13:28:35 +02:00
Stan Silvert
f14f4805d6
Fix access for IDP links tab. (#29428)
* Fix access for IDP links tab.

Signed-off-by: Stan Silvert <ssilvert@redhat.com>

* Fix tests.

Signed-off-by: Stan Silvert <ssilvert@redhat.com>

---------

Signed-off-by: Stan Silvert <ssilvert@redhat.com>
2024-05-14 14:49:47 +02:00
agagancarczyk
b01e47feec
Added localization for User Profile attribute groups (#29374)
* resolved conflicts

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>

* added localization feature to up attributes groups

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>

* refactor

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>

* fix linting

Signed-off-by: Jon Koops <jonkoops@gmail.com>

* fixed attribute groups test

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>

* fixed another failing test

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>

* reverted the test change

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>

---------

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>
Signed-off-by: Jon Koops <jonkoops@gmail.com>
Co-authored-by: Agnieszka Gancarczyk <agancarc@redhat.com>
Co-authored-by: Jon Koops <jonkoops@gmail.com>
2024-05-13 09:50:00 -04:00
Thomas Darimont
59f12faebd
Improve german translation for user federation in admin ui (#28814) (#28816)
Fixes #28814

Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>
2024-04-24 22:17:18 +02:00
agagancarczyk
b8cdd81718
Replaced tooltip for adding a translations to an attribute with Info Alert (#29051)
* replaced tooltip with info alert

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>

* replaced tooltip with info alert

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>

---------

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>
Co-authored-by: Agnieszka Gancarczyk <agancarc@redhat.com>
2024-04-24 19:50:11 +01:00
Stan Silvert
c4d82d4d41
Add help text for bruteForceModeHelpText (#29031)
* Add help text for bruteForceModeHelpText

Signed-off-by: Stan Silvert <ssilvert@redhat.com>

* Add translations for notBefore and setToNow

Signed-off-by: Stan Silvert <ssilvert@redhat.com>

---------

Signed-off-by: Stan Silvert <ssilvert@redhat.com>
2024-04-24 14:19:05 -04:00
Alexander Schwartz
82893df3b5 Fix duplicate admin message keys
Closes #29035

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-04-24 09:32:10 +02:00
Sourav Kumar
6ff19af38a
Fix default helpText as per new defaults for password hashing algorithm (#28698)
Signed-off-by: souravs17031999 <souravs_1999@rediffmail.com>
2024-04-23 15:47:34 -04:00
JN
6977d58d27
Add missing French and Spanish translations (#28807)
Closes #28798

Signed-off-by: JN <xkizokux@gmail.com>
2024-04-20 10:18:49 +00:00
Erik Jan de Wit
2c069433f9
remove use of deprecated components (#28800)
Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
2024-04-18 12:14:53 +02:00
Erik Jan de Wit
aa2ae61f22
added show inherited roles to empty state (#28793)
fixes: #28640

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
2024-04-16 13:03:54 +02:00
rmartinc
41b706bb6a Initial security profile SPI to integrate default client policies
Closes #27189

Signed-off-by: rmartinc <rmartinc@redhat.com>
2024-04-10 11:19:56 +02:00
agagancarczyk
6f8ac65d3c
added helpText for importFileHelp (#28560)
Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>
Co-authored-by: Agnieszka Gancarczyk <agancarc@redhat.com>
2024-04-09 15:50:10 +00:00
agagancarczyk
38df8d5359
Fixed searchClientRegistration message text (#28556)
* fixed message text

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>

* fixed message text

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>

* fixed message text

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>

---------

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>
Co-authored-by: Agnieszka Gancarczyk <agancarc@redhat.com>
2024-04-09 15:05:22 +00:00
Erik Jan de Wit
582da41f4f
added unique message for key provider name (#28504)
fixes: #28486

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
2024-04-08 14:22:42 +02:00
Jon Koops
d3c2475041
Upgrade admin and account console to PatternFly 5 (#28196)
Closes #21345
Closes #21344

Signed-off-by: Jon Koops <jonkoops@gmail.com>
Co-authored-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
Co-authored-by: Mark Franceschelli <mfrances@redhat.com>
Co-authored-by: Hynek Mlnařík <hmlnarik@redhat.com>
Co-authored-by: Agnieszka Gancarczyk <agancarc@redhat.com>
2024-04-05 16:37:05 +02:00
Stan Silvert
bd64b8f40f
Fix help key for firstBrokerLoginFlowAliasOverrideHelp (#28257)
Closes #27691

Signed-off-by: Stan Silvert <ssilvert@redhat.com>
2024-04-02 18:36:59 +02:00
kouki-miura
6af512e6ee
Fix the message for "goups" and add "groupsHelp" (#27964)
Closes #27962

Closes #27965

Signed-off-by: kouki-miura2 <koki_m@i.softbank.jp>
2024-03-26 08:20:49 -04:00
Stan Silvert
7dfc263052
Add Token setting Lifetime of Request URI for PAR (#28155)
* Add Token setting Lifetime of Request URI for PAR

Signed-off-by: Stan Silvert <ssilvert@redhat.com>

* Fix test.

Signed-off-by: Stan Silvert <ssilvert@redhat.com>

---------

Signed-off-by: Stan Silvert <ssilvert@redhat.com>
2024-03-25 08:33:39 -04:00
agagancarczyk
e501cfcfb3
Changed clients/authorization to use ui-shared (#27826)
* migrated Switch and KeycloakTextInput to ui-shared

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>

* migrated AuthorizationExport to use TextAreaControl

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>

* migrated ImportDialog to use use-shared

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>

* migrated PermissionDetails to use use-shared

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>

* migrated ResourceDetails to use use-shared

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>

* migrated ScopeDetails to use use-shared

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>

* migrated PermissionDetails to ui-shared

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>

---------

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>
Co-authored-by: Agnieszka Gancarczyk <agancarc@redhat.com>
2024-03-19 14:22:10 +01:00
Erik Jan de Wit
1b761b5b4c
Migrate more of the realm setting to new form controls (#27647)
Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
2024-03-13 11:05:54 +00:00
agagancarczyk
84cf306833
Changed key provider form to use ui shared (#27704)
* replaced KeycloakTextInput with TextControl

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>

* replaced KeycloakTextInput with TextControl and fixed helpText

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>

* small test fix

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>

---------

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>
Co-authored-by: Agnieszka Gancarczyk <agancarc@redhat.com>
2024-03-08 11:26:49 +01:00
Erik Jan de Wit
b0b967d8d4
migrated user forms to ui-shared (#27593)
* migrated user forms to ui-shared

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* review comments

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* fixed test

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

---------

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
2024-03-06 16:06:13 +00:00
agagancarczyk
8689208e3a
fixed messages and replaced KeyckloakTextInput (#27591)
Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>
Co-authored-by: Agnieszka Gancarczyk <agancarc@redhat.com>
2024-03-06 10:25:57 +00:00
Pedro Igor
d12711e858 Allow fetching roles when evaluating role licies
Closes #20736

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2024-03-05 15:54:02 +01:00
agagancarczyk
f49efd0a51
Adding translations when a new attribute is created (#27313)
* reimplemented attribute translations

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>

* added translations refresh

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>

* improvement

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>

* feedback

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>

* feedback

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>

* refactor

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>

* refactor

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>

* added type

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>

---------

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>
Co-authored-by: Agnieszka Gancarczyk <agancarc@redhat.com>
2024-03-04 11:39:20 +00:00
Hynek Mlnarik
49bbed13b9 Localize admin error messages
Fixes: #25977 (part of)

Signed-off-by: Hynek Mlnarik <hmlnarik@redhat.com>
2024-03-01 14:03:08 +01:00
Aboullos
5719d71dd4
Modify no roles for dedicated client scope (#27395)
Signed-off-by: Alfredo Moises Boullosa <aboullos@redhat.com>
2024-02-29 17:16:09 +01:00
Réda Housni Alaoui
a3b3ee4b87
Ability to declare a default "First broker login flow" per Realm
Closes #25823

Signed-off-by: Réda Housni Alaoui <reda-alaoui@hey.com>
Co-authored-by: Jon Koops <jonkoops@gmail.com>
2024-02-28 16:17:51 +01:00
Joshua Sorah
f1581adafe
Update message keys for dedicated client scope role mapping text. (#27102)
Closes keycloak/keycloak#27101

Signed-off-by: Joshua Sorah <jsorah@gmail.com>
2024-02-28 12:12:39 +01:00
graziang
16a854c91b Add option to clients to use lightweight access token
Add an "Always use lightweight access token" option on the client's Advanced tab in the "Advanced Settings" section that uses the already existing Constants.USE_LIGHTWEIGHT_ACCESS_TOKEN_ENABLED to store a boolean client attribute.
The attribute value is used to enable or disable the lightweight access token.
Closes #27238

Signed-off-by: graziang <g.graziano94@gmail.com>
2024-02-28 10:18:26 +01:00
Pedro Igor
0c91fceaad Allow setting if both 'client_id' and 'id_token_hint' params should be sent in logout requests
Closes #27281

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2024-02-27 20:37:27 +09:00
kaustubh-rh
03f6cda85a
Prevent user from removing built-in client scopes (#27134)
Closes #26937

Signed-off-by: Kaustubh B <kbawanka@redhat.com>
2024-02-26 11:16:23 +01:00
Pedro Igor
604274fb76 Allow setting an attribute as multivalued
Closes #23539

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>

Co-authored-by: Jon Koops <jonkoops@gmail.com>
Co-authored-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
2024-02-22 12:56:44 +01:00
Douglas Palmer
b0ef746f39 Permanently lock users out after X temporary lockouts during a brute force attack
Closes #26172

Signed-off-by: Douglas Palmer <dpalmer@redhat.com>
2024-02-22 09:34:51 +01:00