Jon Koops
228c21a7a0
Allow Keycloak JS to be initialized without passing options ( #33950 )
...
Closes #8935
Signed-off-by: Jon Koops <jonkoops@gmail.com>
2024-10-15 17:46:15 +02:00
Gilles Etchepareborde
593afbb4e0
This PR intends to always set the event type in order to prevent error when firing an error event.
...
Closes #30453
Signed-off-by: Gilles Etchepareborde <etchepar@yahoo.fr>
2024-10-08 10:15:53 +02:00
Martin Kanis
51fd133f05
[Keycloak CI] - User Federation Tests - fixing AD tests
...
Closes #33231
Signed-off-by: Martin Kanis <mkanis@redhat.com>
2024-10-02 16:02:55 -03:00
Jon Koops
d60dee7622
Remove the UMD distribution of Keycloak JS ( #33080 )
...
Closes #32826
Signed-off-by: Jon Koops <jonkoops@gmail.com>
2024-09-30 14:05:18 +02:00
Benoît
bf19ec11cf
Fix UserStorageManager.getGroupMembersStream potentially fetching all user ( #33145 )
...
Closes #32761
Signed-off-by: Benoit Messager <benoit.messager@liksi.fr>
Co-authored-by: Benoit Messager <benoit.messager@liksi.fr>
2024-09-24 09:51:35 +02:00
Nate Drake
75973157aa
Fix a few typos ( #32929 )
...
Signed-off-by: Nate Drake <ndrake@gmail.com>
2024-09-15 10:12:26 +00:00
rmartinc
b60621d819
Allow brute force to have http request/response and send emails
...
Closes #29542
Signed-off-by: rmartinc <rmartinc@redhat.com>
2024-09-11 08:35:03 +02:00
Stefan Guilhen
aeb1951aba
Replace calls to deprecated RealmModel IDP methods
...
- use the new provider instead
Closes #31254
Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
2024-08-15 10:55:36 -03:00
Justin Tay
f537343545
Allow empty key use in JWKS from identity provider
...
Closes #31823
Signed-off-by: Justin Tay <49700559+justin-tay@users.noreply.github.com>
2024-08-02 11:39:43 +02:00
Martin Kanis
d91d6d18d5
Can not update organization group error when trying to create organisation from REST API
...
Closes #31144
Signed-off-by: Martin Kanis <mkanis@redhat.com>
2024-07-29 17:39:56 +02:00
Pedro Igor
87c279d645
Respect the username value format when processing federated users
...
Closes #31240
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2024-07-29 09:28:43 +02:00
Pedro Igor
f010f7df9b
Reverting removal of test assertions and keeping existing logic where only brokers the user is linked to is shown after identity-first login page
...
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2024-07-03 11:55:04 -03:00
Pedro Igor
a0ad680346
Adding an alias to organization and exposing them to templates
...
Closes #30312
Closes #30313
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2024-06-20 14:36:14 -03:00
Pedro Ruivo
5fc12480fd
External Infinispan as cache - Part 4 ( #30072 )
...
UserSessionProvider implementation to make use of Infinispan remote
cache.
Closes #28755
Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
2024-06-19 14:47:57 +02:00
Pedro Ruivo
d2ae27a1e2
External Infinispan as cache - Part 1
...
Part 1 includes
* New experimental feature to enable the new code
* New providers using RemoteCache only
* New test profile to run the tests with the experimental feature
New providers' implementation for:
* InfinispanConnectionProvider
* AuthenticationSessionProvider
* ClusterProvider
Closes #28140
Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
2024-06-19 14:47:57 +02:00
Pedro Igor
bbb83236f5
Do not lower-case the username from the IdP when creating the federated identity
...
Closes #28495
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2024-05-29 01:58:20 -03:00
Thomas Darimont
ab376d9101
Make required actions configurable ( #28400 )
...
- Add tests for crud operations on configurable required actions
- Add support exposing the required action configuration via RequiredActionContext
- Make configSaveError message reusable in other contexts
- Introduced admin-ui specific endpoint for retrieving required actions with config metadata
Fixes #28400
Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>
Co-authored-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
2024-05-23 08:38:36 +02:00
Pedro Ruivo
cbce548e71
Infinispan 15.0.3.Final
...
Closes #29068
Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
2024-05-08 17:18:39 +02:00
Stefan Guilhen
02e2ebf258
Add check to prevent deserialization issues when the context token is not an AccessTokenResponse.
...
- also adds a test for the refresh token on first login scenario.
Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
2024-04-30 12:02:10 -03:00
Stefan Wiedemann
b08c644601
Support credentials issuance through oid4vci ( #27931 )
...
closes #25940
Signed-off-by: Stefan Wiedemann <wistefan@googlemail.com>
2024-04-22 11:37:55 +02:00
Pedro Ruivo
3e0a185070
Remove deprecated EnvironmentDependentProviderFactory.isSupported method
...
Closes #26280
Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
2024-04-19 16:36:49 +02:00
mposolda
c427e65354
Secondary factor bypass in step-up authentication
...
closes #34
Signed-off-by: mposolda <mposolda@gmail.com>
(cherry picked from commit e632c03ec4dbfbb7c74c65b0627027390b2e605d)
2024-04-19 14:43:53 +02:00
Stian Thorgersen
0d60e58029
Restrict the token types that can be verified when not using the user info endpoint ( #146 ) ( #28866 )
...
Closes #47
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
Conflicts:
core/src/main/java/org/keycloak/util/TokenUtil.java
testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/oauth/ClientTokenExchangeTest.java
Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>
2024-04-18 14:11:05 +02:00
Pedro Ruivo
63cb137b37
Remove usages of EnvironmentDependentProviderFactory.isSupported
...
Closes #28751
Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
2024-04-16 09:43:23 +02:00
Giuseppe Graziano
c76cbc94d8
Add sub via protocol mapper to access token
...
Closes #21185
Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>
2024-04-10 10:40:42 +02:00
Pedro Igor
52ba9b4b7f
Make sure attribute metadata from user storage providers are added only for the provider associated with a federated user
...
Closes #28248
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2024-04-08 09:05:16 -03:00
Justin Tay
e765932df3
Skip unsupported keys in JWKS
...
Closes #16064
Signed-off-by: Justin Tay <49700559+justin-tay@users.noreply.github.com>
2024-04-08 08:42:31 +02:00
Justin Tay
89a5da1afd
Allow empty key use in JWKS for client authentication
...
Closes #28004
Signed-off-by: Justin Tay <49700559+justin-tay@users.noreply.github.com>
2024-04-04 10:42:37 +02:00
Stian Thorgersen
c3a98ae387
Use Argon2 as default password hashing algorithm ( #28162 )
...
Closes #28161
Signed-off-by: stianst <stianst@gmail.com>
2024-03-22 13:04:14 +00:00
Stian Thorgersen
8cbd39083e
Default password hashing algorithm should be set to default password hash provider ( #28128 )
...
Closes #28120
Signed-off-by: stianst <stianst@gmail.com>
2024-03-22 12:44:11 +01:00
vramik
032bb8e9cc
Map Store Removal: Remove obsolete KeycloakModelUtils.isUsernameCaseSensitive
method
...
Closes #27438
Signed-off-by: vramik <vramik@redhat.com>
2024-03-02 04:40:46 +09:00
Stian Thorgersen
0fb6bdfcac
Cookie Provider - move remaining cookies ( #26531 )
...
Closes #26500
Signed-off-by: stianst <stianst@gmail.com>
2024-01-29 11:06:37 +01:00
Martin Kanis
7797f778d1
Map Store Removal: Rename legacy modules
...
Closes #24107
Signed-off-by: Martin Kanis <mkanis@redhat.com>
2024-01-25 16:29:16 +01:00
Stian Thorgersen
85ddac26ed
Remove code that expires old cookie paths ( #26444 )
...
Closes #26416
Signed-off-by: stianst <stianst@gmail.com>
2024-01-24 13:43:03 +01:00
Takashi Norimatsu
b99f45ed3d
Supporting EdDSA
...
closes #15714
Signed-off-by: Takashi Norimatsu <takashi.norimatsu.ws@hitachi.com>
Co-authored-by: Muhammad Zakwan Bin Mohd Zahid <muhammadzakwan.mohdzahid.fg@hitachi.com>
Co-authored-by: rmartinc <rmartinc@redhat.com>
2024-01-24 12:10:41 +01:00
Martin Kanis
84603a9363
Map Store Removal: Rename Legacy* classes ( #26273 )
...
Closes #24105
Signed-off-by: Martin Kanis <mkanis@redhat.com>
2024-01-23 13:50:31 +00:00
Pedro Igor
d540584449
Using a valid URI when deleting cookies before/after running tests
...
Closes #22691
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2024-01-05 15:13:12 -03:00
Steven Hawkins
667ce4be9e
enhance: supporting versioned features ( #24811 )
...
also adding a common PropertyMapper validation method
closes #24668
Co-authored-by: Václav Muzikář <vaclav@muzikari.cz>
Co-authored-by: Martin Bartoš <mabartos@redhat.com>
2024-01-03 17:56:31 +01:00
Réda Housni Alaoui
5287500703
@NoCache is not considered anymore
...
Signed-off-by: Réda Housni Alaoui <reda-alaoui@hey.com>
2024-01-02 09:06:55 -03:00
mposolda
3fa2d155ca
Decouple factory methods from the provider methods on UserProfileProvider implementation
...
closes #25146
Signed-off-by: mposolda <mposolda@gmail.com>
2023-12-01 10:30:57 -03:00
Steven Hawkins
8c3df19722
feature: add option for creating a global truststore ( #24473 )
...
closes #24148
Co-authored-by: Václav Muzikář <vaclav@muzikari.cz>
Co-authored-by: Martin Bartoš <mabartos@redhat.com>
2023-11-30 08:57:17 +01:00
Sebastian Schuster
030f42ec83
More efficient listing of assigned and available client role mappings
...
Closes #23404
Signed-off-by: Sebastian Schuster <sebastian.schuster@bosch.io>
Co-authored-by: Vlasta Ramik <vramik@users.noreply.github.com>
2023-11-22 14:10:11 +01:00
Réda Housni Alaoui
3f014c7299
Cannot display 'Authentication Flows' screen when a realm contains more than ~4000 clients ( #21058 )
...
closes #21010
Signed-off-by: Réda Housni Alaoui <reda-alaoui@hey.com>
2023-11-13 19:13:01 +01:00
vramik
926be135e8
Remove map related modules
...
Signed-off-by: vramik <vramik@redhat.com>
Closes #24100
2023-11-13 12:34:52 +01:00
mposolda
7863c3e563
Moving UPConfig and related classes from keycloak-services
...
closes #24535
Signed-off-by: mposolda <mposolda@gmail.com>
2023-11-07 12:41:29 +01:00
rmartinc
1b630326b2
Fixes in LDAP tests when using AD
...
Closing https://github.com/keycloak/keycloak/issues/24357
2023-10-31 13:34:37 +01:00
Thomas Darimont
e567210ed1
Add dedicated feature flag for oauth device grant flow ( #23892 )
...
Closes #23891
2023-10-24 10:09:26 +02:00
mposolda
04777299b0
After tab1 finish authentication, make sure that rootAuthenticationSession is expired shortly
...
closes #23880
2023-10-19 19:23:50 +02:00
shigeyuki kabano
6112b25648
Enhancing Light Weight Token( #22148 )
...
Closes #21183
2023-10-17 13:12:36 +02:00
Alexander Schwartz
50916d58b1
Clean up created test user to avoid conflict with other tests
...
Closes #23804
2023-10-16 19:10:52 +02:00