Commit graph

15191 commits

Author SHA1 Message Date
Martin Bartoš
2632fa7779
WebAuthnSigningInTest failures caused by different titles (#11305)
Fixes #11298
2022-04-19 14:44:51 +02:00
andreaTP
a558d2f546 OLM tests using ttl.sh 2022-04-19 09:44:25 -03:00
Andrea Peruffo
8e4512822a Update docs/guides/src/main/operator/installation.adoc
Co-authored-by: Dominik Guhr <89905860+DGuhr@users.noreply.github.com>
2022-04-19 09:41:08 -03:00
Andrea Peruffo
376dc4035f Update docs/guides/src/main/operator/installation.adoc
Co-authored-by: Dominik Guhr <89905860+DGuhr@users.noreply.github.com>
2022-04-19 09:41:08 -03:00
Andrea Peruffo
5fbcc56080 Update docs/guides/src/main/operator/installation.adoc
Co-authored-by: Dominik Guhr <89905860+DGuhr@users.noreply.github.com>
2022-04-19 09:41:08 -03:00
Andrea Peruffo
95ba35e825 Update docs/guides/src/main/operator/installation.adoc
Co-authored-by: Dominik Guhr <89905860+DGuhr@users.noreply.github.com>
2022-04-19 09:41:08 -03:00
Andrea Peruffo
1d938fe4ff Update docs/guides/src/main/operator/installation.adoc
Co-authored-by: Dominik Guhr <89905860+DGuhr@users.noreply.github.com>
2022-04-19 09:41:08 -03:00
Andrea Peruffo
c8c1a4adc1 Update docs/guides/src/main/operator/installation.adoc
Co-authored-by: Dominik Guhr <89905860+DGuhr@users.noreply.github.com>
2022-04-19 09:41:08 -03:00
Andrea Peruffo
41d9aec4c7 Update docs/guides/src/main/operator/installation.adoc
Co-authored-by: Dominik Guhr <89905860+DGuhr@users.noreply.github.com>
2022-04-19 09:41:08 -03:00
Andrea Peruffo
6f7a4035b4 Update docs/guides/src/main/operator/installation.adoc
Co-authored-by: Dominik Guhr <89905860+DGuhr@users.noreply.github.com>
2022-04-19 09:41:08 -03:00
Andrea Peruffo
d5b68e420e Update docs/guides/src/main/operator/installation.adoc
Co-authored-by: Dominik Guhr <89905860+DGuhr@users.noreply.github.com>
2022-04-19 09:41:08 -03:00
Andrea Peruffo
cbcd8cdfd6 Update docs/guides/src/main/operator/installation.adoc
Co-authored-by: Dominik Guhr <89905860+DGuhr@users.noreply.github.com>
2022-04-19 09:41:08 -03:00
andreaTP
73f8909bd8 Operator installation guide 2022-04-19 09:41:08 -03:00
Václav Muzikář
046935b9e1 Update Operator SDK version
Co-Authored-By: andreaTP <andrea.peruffo1982@gmail.com>
2022-04-19 09:40:35 -03:00
m-takai
5f0e27a792 Add duplicate parameters check process in Device Authz Endpoint.
AuthorizationEndpointRequest class already checks duplicated parameters but DeviceEndpoint class has not checked its error. Thus a check process is added in handleDeviceRequest()

Closes #11294
2022-04-19 14:20:39 +02:00
Yoshikazu Nojima
e495a3d403
Add Apache Kerby to Quarkus runtime dependencies (#10994)
Apache Kerby is used by WebAuthn attestation verification
Without this library the assertion verification fails in Quarkus
distribution

Closes #10779
2022-04-19 14:04:22 +02:00
Dominik Guhr
6ef80239cf change approvals to reflect typofix
Closes #11344
2022-04-19 07:34:15 -03:00
Pedro Igor
9eca6b4e75
Add environment variable expansion to keycloak.conf (#11285)
Closes #11283

Co-authored-by: Dominik Guhr <dguhr@redhat.com>

Co-authored-by: Dominik Guhr <dguhr@redhat.com>
2022-04-19 09:11:29 +02:00
Pedro Igor
c5e4dc8cec
Associated permissions should only add resource type permissions if the resource is an instance (#11220)
Closes #11148
2022-04-19 09:10:14 +02:00
Pedro Igor
52d205ca91
Allow exposing some initial provider config options via web site (#10572)
* Allow exposing some initial provider config options via web site

Co-authored-by: Stian Thorgersen <stian@redhat.com>

Closes #10571

* Include type to provider options, and hide build-icon column as it's not relevant

Co-authored-by: stianst <stianst@gmail.com>
2022-04-19 08:01:42 +02:00
Bruno Oliveira da Silva
f9d4566723 Replace the cryptographic algorithm by SHA-2
The static code scanning analysis detected the usage of MD5 as part of [
MapDeploymentStateProviderFactory](a6dd9dc0f1/model/map/src/main/java/org/keycloak/models/map/deploymentState/MapDeploymentStateProviderFactory.java (L58-L58)).

Even though we could not find any ways of exploiting the code, we should
avoid its usage considering that MD5 is not collision-resistant.

Resolves #11290
2022-04-18 07:10:04 -03:00
McLaynV
91c191024e
Fix a typo in a description String (#11260)
Resolves #11344
2022-04-18 07:09:24 -03:00
Martin Kanis
a2d7cd7a5c Hot Rod map storage: User / client session no-downtime store 2022-04-14 15:34:22 +02:00
Makariy
3b4d87ddcd
Mistyping correction (#11242)
Resolves #11288

Co-authored-by: m.balashov <m.balashov@crpt.ru>
2022-04-14 09:58:54 -03:00
Pedro Igor
6bf9080d8d Remove deployment module dependency from server module
Closes #11257
2022-04-14 07:25:00 -03:00
dependabot[bot]
cb4cd279ab
Bump aquasecurity/trivy-action to 0.2.3 (#11274)
Resolves #11308

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-04-14 05:55:56 -03:00
dependabot[bot]
df1c3b1a8d
Bump actions/setup-java from 2 to 3 (#11275)
Resolves #11307

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-04-14 05:52:59 -03:00
dependabot[bot]
db229ee55e
Bump github/codeql-action from 2.1.7 to 2.1.8 (#11273)
Resolves #11306

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-04-14 05:49:32 -03:00
msvechla
820ab52dce
Add support for filtering by enabled attribute on users count endpoint (#9842)
Resolves #10896
2022-04-13 13:57:22 -03:00
Bruno Oliveira da Silva
1661a4ecc7 Suppress Snyk warnings about WildFly Elytron
Resolves #11277
2022-04-13 11:18:03 -03:00
Stan Silvert
ed79c2a861
Revert "Include Admin UI as a regular dependency (#11156)" (#11280)
This reverts commit 31c272d73f.
2022-04-13 09:19:49 -04:00
Jon Koops
31c272d73f
Include Admin UI as a regular dependency (#11156) 2022-04-13 09:18:56 -04:00
Dominik Guhr
7811f3721a Add db-url-port option
to set the port when not using a full db-url

closes #11251
2022-04-13 08:31:25 -03:00
Pedro Igor
7058a123b1 Avoid initializing the OWASP HTML Sanitizer at startup
Closes #11261
2022-04-13 08:21:53 -03:00
Dominik Guhr
52150cacfc adjust rp docs to clarify exposing js path
Closes #11041
2022-04-13 08:08:48 -03:00
Jon Koops
034748ed0a Add Dependabot config to keep Github Actions up-to-date 2022-04-13 08:07:49 -03:00
bamanuel
7652bbfcd1 Fix unmatched braces in error log formatter
Closes #11252
2022-04-13 08:03:29 -03:00
Bruno Oliveira da Silva
fc1eb02ed5 Update WildFly Elytron on the legacy distribution (CVE-2021-3642)
This change is a follow up of #11196

Resolves #11249
2022-04-12 17:02:08 -03:00
Bruno Oliveira da Silva
82fbe6c0d5 Update jackson-databind dependency in the main POM file to fix CVE-2020-36518
Resolves #11188
2022-04-12 11:23:30 -03:00
Václav Muzikář
66b1c2b167 Change the CRD API group in the operator 2022-04-12 09:38:40 -03:00
R0Wi
cb4a513e24 Fail authenticate if credentialInput is not of type UserCredentialModel
Code fix inside LDAPStorageProvider.java:
return failed result if credential input object is not of expected type

Closes #11191
2022-04-12 14:38:17 +02:00
Alexander Schwartz
5c1a8d401d Store time as seconds as a long in map store
This avoids overflowing the value in 2038.

Closes #10960
2022-04-12 14:22:44 +02:00
Andrea Peruffo
4def2d83e0
Bump Jackson and Kubernetes-client (#11241)
Resolves: #11245
2022-04-12 09:15:42 -03:00
Giacomo Altiero
3b7243cd47
Support for UserInfo response encrypted (#10519)
Close #10517
2022-04-12 14:01:14 +02:00
Alexander Schwartz
a6dd9dc0f1 Avoiding AvlPartitionFactory and using JdbmPartitionFactory for the embedded LDAP to work around unstable tests.
Fix for #11171 didn't turn out to cover the root cause. Also improved transaction handling in LDAP Map storage.

Closes #11211
2022-04-12 09:12:21 +02:00
Bruno Oliveira da Silva
bde2744650 Ignore license compliance warnings
Resolves #11225
2022-04-11 19:12:17 -03:00
Václav Muzikář
20d037a4ad Revert Operator CI 2022-04-11 12:33:22 -03:00
Michal Hajas
6e181a51d5 Add test-jar dependency only if maven.test.skip property is false
Closes #11192
2022-04-11 10:37:18 -03:00
Bruno Oliveira da Silva
bb025f1378 Update wildfly-elytron dependency in the main Quarkus distribution (CVE-2021-3642)
Resolves #11196
2022-04-11 09:47:39 -03:00
Alexander Schwartz
5c810ad0e5 Avoid short-lived connections for ApacheDS to avoid messages around "ignoring the message MessageType UNBIND_REQUEST"
The comment in LdapRequestHandler.java in ApacheDS notes just before discarding an unbind request: "in some cases the session is becoming null though the client is sending the UnbindRequest before closing".

Also implementing a retry logic for all remaining errors regarding LDAP.

Closes #11171
2022-04-11 10:03:15 +02:00