libre.sh/keycloak-scim
2
0
Fork 0
Code Issues 14 Pull requests Releases Packages Activity Actions 6
14976 commits 4 branches 5 tags 480 MiB
Commit graph

5767 commits

Author SHA1 Message Date
danielFesenmeyer
3af1134975 Update IDP link username when sync mode is "force" 
Closes #13049
 2022-09-14 08:02:17 -03:00
Martin Bartoš
ed3d003d65
Remove Legacy migration tests from testsuite (#14310) 
Closes #14300
 2022-09-14 11:29:53 +02:00
Václav Muzikář
e999aeeab8 Fix DefaultHostnameTest on Undertow 2022-09-13 14:41:23 -03:00
Martin Bartoš
aa5a4e3d84
Remove remote WildFly server from the testsuite (#14321) 
Closes #14319
 2022-09-13 12:49:40 +02:00
fwojnar
cee69e1abc
Remove Server Config Migration tests from testsuite (#14334) 
Closes #14303

Co-authored-by: wojnarfilip <fwojnar@redhat.com>
 2022-09-13 12:47:35 +02:00
fwojnar
a58f0593a6
Remove Clean Start test from testsuite (#14345) 
Closes #14305

Co-authored-by: wojnarfilip <fwojnar@redhat.com>
 2022-09-13 12:46:55 +02:00
Václav Muzikář
490590625d Fix listApplicationsThirdParty 2022-09-13 08:33:31 +02:00
Jurjan-Paul Medema
eb0124e3e1
Mapper option 'Aggregate attribute values' is now applied to group hierarchy (#7871) 
Closes #11255
 2022-09-12 13:34:28 +02:00
Christoph Leistert
7e5b45f999 Issue #8749: Add an option to control the order of the event query and admin event query 2022-09-11 21:30:12 +02:00
Alexander Schwartz
1d2d3e5ca5 Move UserFederatedStorageProvider into legacy module 
Closes #13627
 2022-09-11 18:37:45 +02:00
Pedro Igor
3518362002 Validate auth time when max_age is sent to brokered OPs 
Closes #14146
 2022-09-09 10:30:51 -03:00
Pedro Igor
a0079b516b
Allow setting response mode (#14104) 
Closes #14083
 2022-09-09 14:28:47 +02:00
Martin Bartoš
0fcf5d3936 Reuse of token in TOTP is possible 
Fixes #13607
 2022-09-09 08:56:02 -03:00
Marek Posolda
040e52cfd7
SAML javascript protocol mapper: disable uploading scripts through admin console by default (#14293) 
Closes #14292
 2022-09-09 13:47:51 +02:00
vramik
869ccc82b2 Enable MapUserProvider storing username with the letter case significance 
Closes #10245
Closes #11602
 2022-09-09 11:46:11 +02:00
Dominik Guhr
f2b02f19e6 Closes #13786 2022-09-07 18:29:26 +02:00
cgeorgilakis
07b0df8f62
View groups from account console (#7933) 
Closes #8748
 2022-09-07 11:25:31 +02:00
Lex Cao
1f197aa96b
Add basic auth compliant to RFC 6749 (#14179) 
Closes #14179
 2022-09-07 10:09:30 +02:00
Christoph Leistert
cc2bb96abc Fixes #9482: A user could be assigned to a parent group if he is already assigned to a subgroup. 2022-09-06 21:31:31 +02:00
Thomas Peter
19d69169b1 introduce expiration option for admin events 2022-09-06 16:05:53 +02:00
Pedro Igor
a6137b9b86 Do not empty attributes if they are not provided when user profile is enabled 
Closes #11096
 2022-09-06 12:59:05 +02:00
Michal Hajas
f69497eb28 KEYCLOAK-12988 Deprecate getUsers* methods in favor of searchUsers* variants 
Closes #14018
 2022-09-06 10:38:28 +02:00
Sergey Ch
860c3fbbd3
KEYCLOAK-17263 Add exact searching for users (#8059) 
Co-authored-by: Stian Thorgersen <stianst@gmail.com>
 2022-09-01 19:27:24 +02:00
Thomas Darimont
43623ea9d0 KEYCLOAK-18499 Add max_age support to oauth2 brokered logins 
Revise KcOidcBrokerPassMaxAgeTest to use setTimeOffset(...)
 2022-09-01 09:24:44 -03:00
Joerg Matysiak
a8019d78e7 Fixed handling of required setting for email in user profile. 
Resolves #13923
 2022-08-31 17:19:19 -03:00
Martin Bartoš
677579fce6 Environment variables for admin creation in testsuite 
Closes #14102
 2022-08-31 07:29:55 -03:00
Nagy Vilmos
f6db484172
Keep the locale related authNotes through the IdentityBroker flow. (#10444) 
Closes #8827
 2022-08-31 09:37:26 +02:00
Martin Bartoš
e6a5f9c124 Default required action providers are still available after feature disabling 
Closes #13189
 2022-08-31 08:42:47 +02:00
Martin Bartoš
94de015440
Cannot build base testsuite due to missing dependency related to WF (#14079) 
Fixes #14072
 2022-08-30 18:52:05 +02:00
Stian Thorgersen
eece543ede
Remove AddUserTest as it was specific to the WildFly distribution (#14091) 
Closes #14072
 2022-08-30 16:57:44 +02:00
Manato Takai
1cdc21f0ff
Add duplicate parameter check for UserInfo endpoint. (#14024) 
Closes #14016
 2022-08-30 14:39:15 +02:00
Pedro Igor
917e8668cb Fixing error when activating webauthn profile 
Related #14005
 2022-08-30 13:55:02 +02:00
Alexander Schwartz
bb6b5abfa1 Remove Infinispan workarounds after upgrading to 13.x 
Closes #13962
 2022-08-30 07:32:19 -03:00
Martin Bartoš
090f7f89d5
Cannot execute Old Admin Console tests (#13887) 
Fixes #14005
 2022-08-29 13:41:22 +02:00
Alexander Schwartz
a364a05cfa Disable unstable scenario for testOfflineSessionLazyLoadingPropagationBetweenNodes 
This only fails when CrossDC and preloadOfflineSessionsFromDatabase are enabled after the upgrade to Infinispan 13.x

Relates to #14020
 2022-08-29 13:01:41 +02:00
Stian Thorgersen
cbfe9b9a3d
Introduce profile (enabled with -DincludeWildFly) to not include WildFly distribution in default builds (#13878) 
* Introduce profile (enabled with -DincludeWildFly) to not include WildFly distribution in default builds

* Fix
 2022-08-27 00:33:45 +02:00
Erik Jan de Wit
93f3d7bf42
Revert "Allow dependencies from keycloak-admin-ui (#13924)" (#13963) 
This reverts commit 332a0dacee.
 2022-08-26 10:04:13 +02:00
Joerg Matysiak
62790b8ce0 Allow permission configuration for username and email in user profile. 
Enhanced Account API to respect access to these attributes.

Resolves #12599
 2022-08-25 21:54:51 -03:00
Pedro Igor
2cc4b54404
Do not cache policies if they no longer exist (#12797) 
Closes #12657

Co-authored-by: Michal Hajas <mhajas@redhat.com>

Co-authored-by: Michal Hajas <mhajas@redhat.com>
 2022-08-25 13:52:30 +02:00
Michal Hajas
05b9e6d59e
Upgrade Infinispan to 13.0.10.Final (#13910) 
Closes #12306
 2022-08-25 13:09:34 +02:00
Christoph Leistert
5408d25e09
Fixes #10656: Sub realm localization GET endpoints can be called using tokens issued by the master realm. (#10660) 
* Fixes #10656: Sub realm localization GET endpoints can be called using tokens issued by the master realm.

* Fixes #10656: Added some tests
 2022-08-25 09:02:07 +02:00
Markus Till
7f999a4629
integration.admin-client: Add exact search for all dedicated user attributes (#13361) 
Closes #13360
 2022-08-25 08:57:31 +02:00
Arnaud Martin
af0d97e534 Delete broker links for federated users when an identity provider is deleted 
Closes #13731
 2022-08-25 08:24:09 +02:00
Pedro Igor
ddcf0f45f9 Run import within the context of the realm being imported 
Closes #12289
 2022-08-25 08:18:43 +02:00
Tero Saarni
74b2541d10
Fix invalid method reference when compiling with JDK17 (#13621) 
Closes #13961
 2022-08-25 08:11:15 +02:00
Pedro Igor
25be07be17 Allow introspecting tokens issued during token exchange with delegation semantics 
Closes #9337
 2022-08-24 09:47:04 -03:00
Tero Saarni
ea4b4b97b4
Bumped maven-war-plugin for JDK17 compatibility (#13619) 
Closes #13960
 2022-08-24 14:44:18 +02:00
Takashi Norimatsu
8c1ea4b47c mTLS binding support for password grant 
Closes #13662
 2022-08-24 11:44:48 +02:00
Alexander Schwartz
332a0dacee
Allow dependencies from keycloak-admin-ui (#13924) 
This prevents exceptions due to missing classes like kotlin/jvm/internal/Intrinsics.

Closes #13918
 2022-08-24 11:31:29 +02:00
Konstantinos Georgilakis
c5b9dc1e7b set context session client equal to clientsession client (fromClientSessionAndScopeParameter method of DefaultClientSessionContext) 
Closes #13162
 2022-08-23 17:33:07 +02:00
Konstantinos Georgilakis
baa89debd9 Correct isValidScope method of TokenManager for Dynamic scopes 
Closes #13158
 2022-08-23 16:30:04 +02:00
Lex Cao
6b1c64a1a9
Add rememberMe to a user session representation(#13408) (#13765) 
Closes #13408
 2022-08-23 15:28:52 +02:00
Konstantinos Georgilakis
2002fd983b Showing consent screen text instead of scope name in consent part of Application page in Account console 
Closes #13109
 2022-08-23 11:22:31 +02:00
rishabhsvats
c223291a1e Adds REGISTER event when new user login through first broker flow 
Updates KcOidcBrokerEventTest, AbstractFirstBrokerLoginTest to factor in REGISTER event in first broker flow

Closes #11646

Correcting Indentation of AbstractFirstBrokerLoginTest
 2022-08-23 10:43:56 +02:00
Stefan Guilhen
f84fdfa8ef
Fix UserSessionProviderTest failures with CockroachDB (#13891) 
- move assertions to a separate tx due to CRDB's SERIALIZABLE isolation level

Closes #13211
 2022-08-23 09:57:13 +02:00
Sebastian Schuster
53472e097c 13647 fixed wrong feature flag for checking admin fine-grained authz 2022-08-22 09:34:12 -03:00
Stefan Guilhen
5775e7c4ba
Fix ConcurrentTransactionsTest failure with CockroachDB (#13890) 
- realm has to be removed in a separate tx due to CRDB's SERIALIZABLE isolation level

Closes #13211
 2022-08-22 08:39:14 +02:00
Pedro Igor
eda33a0b21 Concurrency issue when caching JS policies 
Closes #12204
 2022-08-17 16:30:32 -03:00
Pedro Igor
15bbb46657 Avoid removing static path config from cache 
Closes #9855
 2022-08-17 16:29:59 -03:00
Martin Bartoš
5a2852530f Fix DB tests for Quarkus 
Fixes #13642
 2022-08-17 10:23:05 -03:00
Pedro Igor
841c65d24f Return 404 when invoking authorization endpoints in case authz settings are disabled 
Closes #10151
 2022-08-16 16:37:44 -03:00
nehachopra27
26de05fa44
Updating RestEasy for Jetty App Server (#13710) 
Co-authored-by: nchopra <nchopra@redhat.com>
 2022-08-16 11:20:24 +02:00
Michal Hajas
ab431e3bd9 Fix KeycloakQuarkusServerDeployableContainer to correctly configure map store 
Closes #13721
 2022-08-11 16:55:06 +02:00
Pedro Igor
e3af0610e2 Support running base testsuite on Windows 
Closes #12648

Co-authored-by: Dominik Guhr <dguhr@redhat.com>
 2022-08-10 20:03:53 -03:00
Markus Till
fa383bf76c
Suppress confirmation screen for logout in oidc (#13471) 
Closes #13469
 2022-08-10 18:25:50 +02:00
Michal Hajas
d55d110ff9 Run Infinispan using Testcontainers in base testsuite 
Closes #13620
 2022-08-10 16:36:44 +02:00
Martin Kanis
57f2f4654a Add limit for authSessions per rootAuthSession in map storage 2022-08-10 12:56:37 +02:00
Marcelo Daniel Silva Sales
e44cea587f
NullPointer during OIDC logout client disabled (#13424) 
closes #12624
 2022-08-08 12:34:09 +02:00
Michal Hajas
ec808d28bb Remove possibility to start embedded HotRod server in hotrod-map module 
Closes #13247
 2022-08-05 21:08:38 +02:00
Tero Saarni
2392af157b Forward quarkus server output to console in testsuite 2022-08-05 09:48:48 -03:00
Pedro Igor
333a4c900f Revert changes that block themes being loaded from custom providers 
Closes #13401
 2022-08-04 13:34:12 +02:00
Sebastian Knauer
21f700679f KEYCLOAK-19866 Fix user-defined- and xml-fragment-parsing/Add XPathAttributeMapper 2022-08-03 13:07:12 +02:00
Martin Kanis
ff26698053 Stabilize testCreateUserSessionsParallel model test 2022-08-02 08:12:42 +02:00
nehachopra27
c7be78fade
Add admin-ui dependencies to integration-arquillian testsuite 
Co-authored-by: nchopra <nchopra@redhat.com>

Fixes: #13465
 2022-08-01 20:49:11 +02:00
Marek Posolda
7e925bfbff
Unit tests in "crypto/fips1402" passing on RHEL 8.6 with BC FIPS approved mode. Cleanup (#13406) 
Closes #13128
 2022-07-29 18:03:56 +02:00
Hynek Mlnarik
143e6bc932 Replace undertow-map with quarkus-map 
Fixes: #12652
 2022-07-27 14:08:38 +02:00
Stian Thorgersen
ae33af92d9
Promote new admin console to default (#13243) 
Closes #13242
 2022-07-27 10:13:49 +02:00
Pedro Hos
ee2c5391bd
Possible client enumeration in the authorization endpoint 
Closes #12164
 2022-07-26 09:10:06 +02:00
Michal Hajas
eb1f31e9dd Optimize user-client session relationship for HotRod storage 
Closes #12818
 2022-07-26 09:00:13 +02:00
Douglas Palmer
c00514d659
Support for post_logout_redirect_uris in OIDC client registration (#12282) 
Closes #10135
 2022-07-25 10:57:52 +02:00
Dominik Guhr
9bb1299d89 change optimised to optimized 
also: fix kc.bat to not use autobuild in devmode anymore, fix containers.adoc to not use auto_build naming, fix build command cli help as it is not required anymore to run it beforehand.
 2022-07-22 10:29:07 -03:00
Stian Thorgersen
a251d785db
Remove text based login flows (#13249) 
* Remove text based login flows

Closes #8752

* Add display param back in case it's used by some custom authenticators
 2022-07-22 15:15:25 +02:00
Alexander Schwartz
cb81a17611 Disable Infinispan for map storage and avoid the component factory when creating a realm independent provider factory 
Provide startup time in UserSessionProvider independent of Infinispan,
cleanup code that is not necessary for the map storage as it isn't using Clustering.
Move classes to the legacy module.

Closes #12972
 2022-07-22 08:20:00 +02:00
Douglas Palmer
adeef6c2a0 Partial import feature does not import Identity Provider mappers in Keycloak #12861 2022-07-21 18:04:15 +02:00
Martin Kanis
c2bd01bca0 Add model tests for Hot Rod starting multiple nodes 2022-07-21 12:15:25 +02:00
Stefan Guilhen
e9c55f45e5 Enable action token JPA provider in map-storage-jpa profile 
Closes #13139
 2022-07-20 16:30:20 -03:00
Pedro Igor
3631a413d2 Allow token exchange when subjec_token is not associated with a session 
Closes #12596
 2022-07-20 15:42:26 -03:00
Martin Bartoš
1b9a3bf51a Cannot use WebAuthn with WildFly distribution 
Fixes #12762
 2022-07-20 09:59:44 -03:00
Martin Kanis
c8a6846ee0 Remove offline sessions when deleting a realm 2022-07-19 16:40:22 +02:00
Alexander Schwartz
f490638971 Fall back to standard Liquibase locking 
As DBLockProvider is "none" for the Map storage providers, there is no locking provided by DB Lock
provider.

Liquibase's classic lock provider has issues that need to be tackled in a follow-up issue, see https://github.com/liquibase/liquibase/issues/1311

Closes #13130
 2022-07-19 10:45:31 +02:00
Alexander Schwartz
43539cd3c0 Rework handling of Infinispan exceptions to stabilize the test 
Closes #13164
 2022-07-18 16:00:38 -03:00
Lex Cao
f0988a62b8
Use base64 url decoded for client secret when authenticating with Basic Auth (#12486) 
Closes #11908
 2022-07-16 09:38:41 +02:00
Pedro Igor
89028613d8 Introducing --optimise option 
Closes #10737
 2022-07-15 15:12:17 -03:00
Marcelo Daniel Silva Sales
f7a80409a9
Add flow to generate secret length based on signature algorithm (#13107) 
Closes #9376
 2022-07-15 11:06:07 +02:00
Vlasta Ramik
ec853a6b83
JPA map storage: User / client session no-downtime store (#12241) 
Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>

Closes #9666
 2022-07-14 12:07:02 -03:00
Alexander Schwartz
84ac2a2ba4
Update configuration to re-enable starting KeycloakServer for map storage (#13079) 2022-07-13 15:31:34 -03:00
Alexander Schwartz
b8d5e01cf3
Avoid using old legacy-store API in the test suite (#13077) 2022-07-13 09:58:01 -03:00
Michal Hajas
34d8629477
Convert ClientSessionIdleTimeout from seconds to milliseconds before … (#13048) 2022-07-13 07:29:52 -03:00
kz-masa
d26cff270f
Delete unnecessary import statements (#12935) (#12936) 2022-07-12 19:37:15 -03:00
Martin Bartoš
216922233a
Remote base tests don't work with WildFly (#12842) 
Fixes #12841
 2022-07-12 15:14:09 +02:00