libre.sh/keycloak-scim
2
0
Fork 0
Code Issues 14 Pull requests Releases Packages Activity Actions 6
22212 commits 4 branches 5 tags 480 MiB
Commit graph

265 commits

Author SHA1 Message Date
Jon Koops
651a7f29fc
Promote Account Console v3 to preview (#20969) 2023-06-15 12:24:01 -04:00
stianst
0832992e59 Removing OpenShift integration and moving to separate extension 
closes #20496

Co-authored-by: mposolda <mposolda@gmail.com>
 2023-05-30 17:39:32 +02:00
Martin Bartoš
6118e5cfb7 Use JakartaEE dependencies 
---
Quarkus3 branch sync no. 14 (24.4.2023)
Resolved conflicts:
keycloak/pom.xml - Modified
---
Quarkus3 branch sync no. 5 (10.2.2023)
Resolved conflicts:
keycloak/pom.xml - Modified
 2023-04-27 13:36:54 +02:00
Martin Bartoš
7cff857238 Migrate packages from javax.* to jakarta.* 
---
Quarkus3 branch sync no. 14 (24.4.2023)
Resolved conflicts:
keycloak/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/storage/ComponentExportImportTest.java - Modified
keycloak/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/DeclarativeUserTest.java - Modified
keycloak/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/storage/FederatedStorageExportImportTest.java - Modified
keycloak/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/authentication/FlowTest.java - Modified
keycloak/services/src/main/java/org/keycloak/services/resources/admin/UserResource.java	- Modified
---
Quarkus3 branch sync no. 13 (11.4.2023)
Resolved conflicts:
keycloak/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/pages/AccountTotpPage.java - Deleted
keycloak/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/storage/BackwardsCompatibilityUserStorageTest.java - Modified
---
Quarkus3 branch sync no. 12 (31.3.2023)
Resolved conflicts:
keycloak/quarkus/runtime/src/main/java/org/keycloak/quarkus/runtime/services/resources/QuarkusWelcomeResource.java - Modified
keycloak/services/src/main/java/org/keycloak/protocol/saml/profile/util/Soap.java - Modified
keycloak/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/util/UserInfoClientUtil.java - Modified
keycloak/services/src/main/java/org/keycloak/protocol/oidc/endpoints/UserInfoEndpoint.java - Modified
keycloak/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/sessionlimits/UserSessionLimitsTest.java - Modified
---
Quarkus3 branch sync no. 10 (17.3.2023)
Resolved conflicts:
keycloak/services/src/main/java/org/keycloak/protocol/saml/SamlProtocolUtils.java -	Modified
---
Quarkus3 branch sync no. 9 (10.3.2023)
Resolved conflicts:
keycloak/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/kerberos/AbstractKerberosSingleRealmTest.java - Modified
keycloak/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/forms/LoginTest.java - Modified
---
Quarkus3 branch sync no. 8 (3.3.2023)
Resolved conflicts:
keycloak/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/util/SamlClient.java	Modified - Modified
keycloak/services/src/main/java/org/keycloak/protocol/saml/SamlProtocol.java - Modified
keycloak/examples/providers/authenticator/src/main/java/org/keycloak/examples/authenticator/SecretQuestionAuthenticator.java - Modified
---
Quarkus3 branch sync no. 6 (17.2.2023)
Resolved conflicts:
keycloak/integration/admin-client/src/main/java/org/keycloak/admin/client/resource/ComponentsResource.java - Modified
keycloak/testsuite/utils/src/main/java/org/keycloak/testsuite/KeycloakServer.java - Modified
keycloak/services/src/main/java/org/keycloak/protocol/saml/installation/SamlSPDescriptorClientInstallation.java - Modified
---
Quarkus3 branch sync no. 5 (10.2.2023)
Resolved conflicts:
/keycloak/services/src/main/java/org/keycloak/social/google/GoogleIdentityProvider.java	Modified - Modified
keycloak/services/src/main/java/org/keycloak/social/twitter/TwitterIdentityProvider.java - Modified
---
Quarkus3 branch sync no. 4 (3.2.2023)
Resolved conflicts:
keycloak/quarkus/runtime/src/main/java/org/keycloak/quarkus/runtime/integration/jaxrs/QuarkusKeycloakApplication.java - Modified
---
Quarkus3 branch sync no. 1 (18.1.2023)
Resolved conflicts:
keycloak/testsuite/client/ClientPoliciesTest.java - Deleted
keycloak/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/client/ClientRegistrationTest.java - Modified
keycloak/model/map-jpa/src/main/java/org/keycloak/models/map/storage/jpa/JpaModelCriteriaBuilder.java - Modified
 2023-04-27 13:36:54 +02:00
Jon Koops
37e46f3551
Refer to Account Console features by version number (#19716) 2023-04-14 10:48:36 +00:00
Jon Koops
a2eb619e0e
Include Account Console version 3 as a theme (#19641) 2023-04-13 09:41:40 -04:00
mposolda
863d28e232 Promote FIPS 140-2 to supported in Keycloak 22 
closes #17234
 2023-04-12 15:29:54 +02:00
mposolda
709c6b5a47 Regressions in redirect URL verification when redirect_uri has encoded path or default port 
closes #16851
closes #16587
 2023-03-30 14:20:10 +02:00
Konstantinos Georgilakis
fd28cd2d4b Service Accounts Client must create the Client ID mapper with Token Claim Name as client_id 
closes #16329
 2023-03-23 11:45:34 +01:00
Jon Koops
972ebb9650
Use a valid SemVer format for the SNAPSHOT version (#17334) 
* Use a valid SemVer format for the SNAPSHOT version

* Update pom.xml

* Update pom.xml

---------

Co-authored-by: Stian Thorgersen <stianst@gmail.com>
Co-authored-by: Stian Thorgersen <stian@redhat.com>
 2023-03-03 11:11:44 +01:00
Cameron James
b4050b9fa8
Fix configuration for disabled features throwing errors with disabled dependencies (#17323) 
Closes #17322
 2023-03-02 09:29:08 +01:00
Pedro Igor
fbf5541802 Remove duplicated set-cookie header from response when expiring cookies 
Closes #17192
 2023-02-27 14:17:27 -03:00
rmartinc
f91ac2970d
Polish fips-mode switch for preview (#17228) 
* Polish fips-mode switch for preview
Closes #17208 #17210 


Co-authored-by: mposolda <mposolda@gmail.com>
 2023-02-22 12:12:52 +01:00
mposolda
4f068fcdcc Make https-trust-store-type set to bcfks by default in strict-mode 
Closes #17119
 2023-02-16 08:00:21 -03:00
rmartinc
5b626231d9 Doublecheck if real FIPS host available in GH actions 
Closes https://github.com/keycloak/keycloak/issues/15069
 2023-02-10 11:56:35 +01:00
Stian Thorgersen
4782a85166
Remove old admin console feature (#16861) 
* Remove old admin console feature

Closes #16860

* Update help txt files for Quarkus tests
 2023-02-07 12:59:35 +01:00
Marek Posolda
33ff9ef17e
Fix remaining failing tests with BCFIPS approved mode (#16699) 
* Fix remaining failing tests with BCFIPS approved mode
Closes #16698
 2023-01-30 16:01:57 +01:00
Khvatov-Alexey
a4c78a05d2
Descriptor file release (#16659) 
Closes #16657

Co-authored-by: Khvatov-Alexey <Khvatov-Alexey>
 2023-01-27 10:29:42 +00:00
mposolda
a804400c84 Added KERBEROS feature. Disable it when running tests on FIPS 
closes #14966
 2023-01-25 18:38:46 +01:00
mposolda
16888eaeab Only available RSA key sizes should be shown in admin console 
Closes #16437
 2023-01-25 13:15:07 +01:00
Michal Hajas
6566b58be1 Introduce Infinispan GlobalLock implementation 
Closes #14721
 2023-01-05 16:58:44 +01:00
Hynek Mlnarik
071fc03f41 Move transaction processing into session close 
Fixes: #15223
 2023-01-05 16:12:32 +01:00
stianst
1de9c201c6 Refactor Profile 
Closes #15206
 2022-11-07 07:28:11 -03:00
Marek Posolda
c0c0d3a6ba
Short passwords with PBKDF2 mode working (#14437) 
* Short passwords with PBKDF2 mode working
Closes #14314

* Add config option to Pbkdf2 provider to control max padding

* Update according to PR review - more testing for padding and for non-fips mode
 2022-11-06 14:49:50 +01:00
Marek Posolda
f616495b05
Fixing UserFederationLdapConnectionTest,LDAPUserLoginTest to work with FIPS (#15299) 
closes #14965
 2022-11-03 16:35:57 +01:00
mposolda
55c514ad56 More flexibility in keystore related tests, Make keycloak to notify which keystore types it supports, Support for BCFKS 
Closes #14964
 2022-10-24 08:36:37 +02:00
Stian Thorgersen
97ae90de88
Remove Red Hat Single Sign-On product profile from upstream (#14697) 
* Remove Red Hat Single Sign-On product profile from upstream

Closes #14916

* review suggestions: Remove Red Hat Single Sign-On product profile from upstream

Closes #14916

Co-authored-by: Peter Skopek <pskopek@redhat.com>
 2022-10-18 14:43:04 +02:00
Marek Posolda
0756ef9a75
Initial integration tests with BCFIPS distribution (#14895) 
Closes #14886
 2022-10-17 23:33:22 +02:00
Martin Bartoš
7311e12066 Add features options to Keycloak CR 
Closes #14376
 2022-10-11 15:07:44 +02:00
Stian Thorgersen
fda26385ec
Add profile feature for hosting keycloak.js on the server (#14771) 
* Add profile feature for hosting keycloak.js on the server

Closes #14770

* Updated txt files for HelpCommandTest
 2022-10-10 08:00:50 +02:00
Marek Posolda
c59660ca86
KEYCLOAK_SESSION not working for some user federation setups when user ID has special chars (#14560) 
closes #14354
 2022-10-05 08:59:30 +02:00
David Anderson
a8db79a68c
Introduce crypto module using Wildfly Elytron (#14415) 
Closes #12702
 2022-09-27 08:53:46 +02:00
Hisanobu Okuda
53635e3317 KEYCLOAK-19132 SAML adapter config replacement with environment variables 
Co-authored-by: Martin Bartoš <mabartos@redhat.com>
 2022-09-23 13:15:16 +02:00
Pedro Igor
00e4c3567a Make it possible to switch between BC and BC-FIPS libraries 
Closes #12424
 2022-09-23 07:50:02 -03:00
Thomas Darimont
962a685b7b KEYCLOAK-15773 Control availability of admin api and admin-console via feature flags 
Inline profile checks for enabled admin-console to avoid issues during
static initialization with quarkus.

Potentially Re-enable admin-api feature if admin-console is enabled
via the admin/admin2 feature flag.

Add legacy admin console as deprecated feature flag
Throw exception if admin-api feature is disabled but admin-console is enabled

Adapt ProfileTest

Consider adminConsoleEnabled flag in QuarkusWelcomeResource
Fix check for Admin-Console / Admin-API feature dependency.

Add new features to approved help output files

Co-authored-by: Stian Thorgersen <stian@redhat.com>
Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>
 2022-09-09 18:18:51 -03:00
Marek Posolda
19daf2b375
Not possible to login in FIPS enabled RHEL 8.6. Support for parsing PEM private keys in BCFIPS module in both traditional and PKCS8 format (#14008) 
Closes #13994
 2022-08-30 22:33:12 +02:00
David Anderson
ce1331f550
Remove bouncycastle dependency from keycloak-services (#13489) 
Closes #12857


Co-authored-by: mposolda <mposolda@gmail.com>
 2022-08-22 15:43:59 +02:00
Marek Posolda
7e925bfbff
Unit tests in "crypto/fips1402" passing on RHEL 8.6 with BC FIPS approved mode. Cleanup (#13406) 
Closes #13128
 2022-07-29 18:03:56 +02:00
Stian Thorgersen
ae33af92d9
Promote new admin console to default (#13243) 
Closes #13242
 2022-07-27 10:13:49 +02:00
Marek Posolda
4e4fc16617
Skip adding xmlsec security provider. Adding KeycloakFipsSecurityProvider to workaround 'Security.getInstance("SHA1PRNG")' (#12786) 
Closes #12425 #12853
 2022-07-26 16:40:36 +02:00
David Anderson
ee0c67c0c8
Remove BC dependancy from keycloak-core (#13235) 
Closes #12856
 2022-07-23 12:07:16 +02:00
Stian Thorgersen
a251d785db
Remove text based login flows (#13249) 
* Remove text based login flows

Closes #8752

* Add display param back in case it's used by some custom authenticators
 2022-07-22 15:15:25 +02:00
David Anderson
8ce10df6da
Extract BC from keycloak-common (#13064) 
Closes #12855
 2022-07-16 09:36:07 +02:00
Marcelo Daniel Silva Sales
f7a80409a9
Add flow to generate secret length based on signature algorithm (#13107) 
Closes #9376
 2022-07-15 11:06:07 +02:00
Pedro Igor
605b51890e Enables the new store and the concurrenthashmap provider 
Closes #12651
 2022-06-30 10:55:22 -03:00
Clara Fang
4643fd09e3 Replace occurrences of getParameterTypes().length and getParameters().length with getParameterCount() 
This should reduce GC pressure.

Closes #12644
 2022-06-29 08:53:09 +02:00
Marek Posolda
be1e31dc68
Introduce crypto/default module. Refactoring BouncyIntegration (#12692) 
Closes #12625
 2022-06-29 07:17:09 +02:00
rmartinc
711440e513 [#11036] Identity Providers: Add support for elliptic curve signatures (ES256/ES384/ES512) using JWKS URL 2022-06-21 10:52:25 -03:00
Alexander Schwartz
850af55edc Ensure that only JDK 8 APIs are used where JDK 8 is still required. 
Closes #10842
 2022-06-20 14:44:33 -03:00
Marek Posolda
e856a62fb2
Make CertificateUtils class to work with both fips and non-fips (#12499) 
Closes #12498
 2022-06-15 09:39:03 +02:00