keycloak-scim

Author	SHA1	Message	Date
Hynek Mlnarik	65fcd44fe1	Use admin console correctly in KeycloakIdentity Fixes: #29688 Signed-off-by: Hynek Mlnarik <hmlnarik@redhat.com>	2024-05-21 13:35:44 +02:00
rmartinc	3304540855	Allow admin console whoami endpoint to applications that have a special attribute Closes #29640 Signed-off-by: rmartinc <rmartinc@redhat.com>	2024-05-20 09:51:07 +02:00
Richard van den Berg	cb3f248d73	Document getGroupById() will not set subGroups in JavaDoc Closes #27787 Signed-off-by: Richard van den Berg <richard@vdberg.org>	2024-05-17 17:05:25 +02:00
Filipe Roque	e83f3af080	Call super constructor in subclasses of WebApplicationException Frameworks like Datadog dd-trace-java java agent inspect the known WebApplicationException and mark the exception as an HTTP 500, because that is the default for the non argument constructor. https://github.com/keycloak/keycloak/issues/29451 Signed-off-by: Filipe Roque <froque@premium-minds.com>	2024-05-17 16:25:59 +02:00
Ricardo Martin	74a80997c7	Fix CRL verification failing due to client cert not being in chain (#29582 ) closes #19853 Signed-off-by: Micah Algard <micahalgard@gmail.com> Signed-off-by: rmartinc <rmartinc@redhat.com> Co-authored-by: Micah Algard <micahalgard@gmail.com> Co-authored-by: rmartinc <rmartinc@redhat.com>	2024-05-17 11:28:07 +02:00
Stefan Guilhen	bfa4660ecd	Add OpenAPI documentation for the Organization API Closes #29479 Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>	2024-05-16 14:59:30 -03:00
Takashi Norimatsu	b4e7d9b1aa	Passkeys: Supporting WebAuthn Conditional UI (#24305 ) closes #24264 Signed-off-by: Takashi Norimatsu <takashi.norimatsu.ws@hitachi.com> Signed-off-by: mposolda <mposolda@gmail.com> Co-authored-by: mposolda <mposolda@gmail.com>	2024-05-16 07:58:43 +02:00
rmartinc	89d7108558	Restrict access to whoami endpoint for the admin console and users with realm access Closes #25219 Signed-off-by: rmartinc <rmartinc@redhat.com>	2024-05-15 19:06:57 +02:00
Pedro Igor	b4d231fd40	Fixing realm removal when removing groups and brokers associated with an organization Closes #29495 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-05-14 14:29:27 +02:00
Pedro Igor	b5a854b68e	Minor improvements to invitation email templates (#29498 ) Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-05-14 13:19:02 +02:00
Pedro Igor	1b583a1bab	Email validation for managed members should only fail if it does not match the domain set to a broker Closes #29460 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-05-14 10:46:22 +02:00
mposolda	d8a7773947	Adding dummyHash to DirectGrant request in case user does not exists. Fix dummyHash for normal login requests closes #12298 Signed-off-by: mposolda <mposolda@gmail.com>	2024-05-13 16:33:29 +02:00
kaustubh-rh	8a82b6b587	Added a check in ClientInitialAccessResource (#29353 ) closes #29311 Signed-off-by: Kaustubh Bawankar <kbawanka@redhat.com>	2024-05-13 13:00:36 +02:00
vramik	fbdaf03972	Ensure master realm can't be removed Fixes #28896 Signed-off-by: vramik <vramik@redhat.com>	2024-05-13 07:47:48 -03:00
rmartinc	2cc051346d	Allow empty CSP header in headers provider Closes #29458 Signed-off-by: rmartinc <rmartinc@redhat.com>	2024-05-13 10:51:31 +02:00
Pedro Igor	b50d481b10	Make sure organization groups can not be managed but when managing an organization Closes #29431 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-05-10 21:28:11 -03:00
Stefan Guilhen	f0620353a4	Ensure master realm can't be removed Closes #28896 Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>	2024-05-10 16:56:18 -03:00
Stefan Guilhen	ceed7bc120	Add ability to search organizations by attribute Closes #29411 Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>	2024-05-10 16:45:41 -03:00
Pedro Igor	77b58275ca	Improvements to the organization authentication flow Closes #29416 Closes #29417 Closes #29418 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-05-09 16:07:52 -03:00
Pedro Igor	a65508ca13	Simplifying the CORS SPI and the default implementation Closes #27646 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-05-08 12:27:55 -03:00
Thomas Darimont	6ba8b3faa2	Revise ObjectMapper construction (#16295 ) Previously an ObjectMapper was created multiple times during startup: two times during bootstrap and one additional time for the first request sent to Keycloak. Additionally jackson modules, e.g. support for JSR310 java.time types were not registered event-though they are present on the classpath. This PR revises the initialization of the ObjectMapper. - Ensure ObjectMapper is only initialized once - Ensure that jackson modules on the classpath are properly Fixes #16295 Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>	2024-05-07 19:04:43 +02:00
Martin Kanis	d4b7e1a7d9	Prevent to manage groups associated with organizations from different APIs Closes #28734 Signed-off-by: Martin Kanis <mkanis@redhat.com>	2024-05-07 11:16:40 -03:00
Pedro Igor	f8bc74d64f	Adding SAML protocol mapper to map organization membership Closes #28732 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-05-07 15:52:35 +02:00
Stefan Guilhen	aa945d5636	Add description field to OrganizationEntity Closes #29356 Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>	2024-05-07 10:35:51 -03:00
Pedro Igor	c0325c9fdb	Do not manage brokers through the Organization API Closes #29268 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-05-07 09:15:25 -03:00
Alice W	d1549a021e	Update invitation changes based on review and revert deleted test from OrganizationMembertest Signed-off-by: Alice W <105500542+alice-wondered@users.noreply.github.com>	2024-05-06 17:57:13 -03:00
Pedro Igor	7553679116	Using a common name for token parameter and setting it to action urls when available from query parameters Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-05-06 17:57:13 -03:00
Pedro Igor	5359840f10	Reverting changes to login action services Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-05-06 17:57:13 -03:00
Pedro Igor	6ae8c1e262	Reverting changes to freemarker login forms provider Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-05-06 17:57:13 -03:00
Pedro Igor	40a283b9e8	Token expiration tests and updates to registration required action Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-05-06 17:57:13 -03:00
Pedro Igor	158162fb4f	Review tests and having invitation related operations in a separate class Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-05-06 17:57:13 -03:00
Pedro Igor	287f3a44ce	registration link tests Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-05-06 17:57:13 -03:00
Alice W	ce2e83c7f9	Update test and link formation on invite of new user Signed-off-by: Alice W <105500542+alice-wondered@users.noreply.github.com>	2024-05-06 17:57:13 -03:00
Alice W	694105da89	Update the handling of invite tokens for new user registration to work with the base level oauth flows and implicit grants Signed-off-by: Alice W <105500542+alice-wondered@users.noreply.github.com>	2024-05-06 17:57:13 -03:00
Alice W	18356761db	Add test for user invite registration and fix minor bug with registration link generation and email templating Signed-off-by: Alice W <105500542+alice-wondered@users.noreply.github.com>	2024-05-06 17:57:13 -03:00
Pedro Igor	e0bdb42d41	adding test and minor updates to cover inviting existing users Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-05-06 17:57:13 -03:00
Alice W	584e92aaba	Add support for organizational invites to new and existing users based on tokens Signed-off-by: Alice W <105500542+alice-wondered@users.noreply.github.com>	2024-05-06 17:57:13 -03:00
Dimitri Papadopoulos Orfanos	cd8e0fd333	Fix user-facing typos in Javadoc (#28971 ) Signed-off-by: Dimitri Papadopoulos <3234522+DimitriPapadopoulos@users.noreply.github.com> Co-authored-by: Erik Jan de Wit <erikjan.dewit@gmail.com>	2024-05-06 18:57:55 +00:00
Stefan Guilhen	dae1eada3d	Add enabled field to OrganizationEntity Closes #28891 Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>	2024-05-06 14:46:56 -03:00
Alexander Schwartz	2ebad818f9	Provide details in the log when a client credential grant fails (#28927 ) Closes #28926 Signed-off-by: Alexander Schwartz <aschwart@redhat.com>	2024-05-06 09:31:25 +02:00
Alexander Schwartz	a9532274e3	Generate translations for locales via built-in Java functionality (#29125 ) Closes #29124 Signed-off-by: Jon Koops <jonkoops@gmail.com> Signed-off-by: Alexander Schwartz <aschwart@redhat.com> Co-authored-by: Jon Koops <jonkoops@gmail.com>	2024-05-06 09:30:14 +02:00
Giuseppe Graziano	c6d3e56cda	Handle reset password flow with logged in user Closes #8887 Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>	2024-05-06 09:10:47 +02:00
Thomas Darimont	ba43a10a6d	Improve details for user error events in OIDC protocol endpoints Closes #29166 Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>	2024-05-06 08:32:31 +02:00
Pedro Igor	32d25f43d0	Support for mutiple identity providers Closes #28840 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-05-04 16:19:27 +02:00
Justin Tay	7bd48e9f9f	Set logout token type to logout+jwt Closes #28939 Signed-off-by: Justin Tay <49700559+justin-tay@users.noreply.github.com>	2024-05-03 14:51:10 +02:00
Giuseppe Graziano	8c3f7cc6e9	Ignore include in token scope for refresh token Closes #12326 Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>	2024-05-03 09:05:03 +02:00
alexagc	5e00fe8b10	Ignore g-recaptcha-response in user profile validation Signed-off-by: alexagc <alexcanal@gmail.com>	2024-05-02 17:12:54 -03:00
Steven Hawkins	4697cc956b	further refinement of context handling (#28182 ) * fully removing providers and moving the keycloaksession creation / final cleanup also deprecated Resteasy utility methods closes: #29223 Signed-off-by: Steve Hawkins <shawkins@redhat.com> Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-05-02 11:21:01 -04:00
Stefan Guilhen	45e5e6cbbf	Introduce filtered (and paginated) search for organization members Closes #28844 Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>	2024-05-02 11:25:43 -03:00
Patrick Jennings	64824bb77f	Client type service account default type (#29037 ) * Adding additional non-applicable client fields to the default service-account client type configuration. Signed-off-by: Patrick Jennings <pajennin@redhat.com> * Creating TypedClientAttribute which maps clientmodel fields to standard client type configurations. Adding overrides for fields in TypeAwareClientModelDelegate required for service-account client type. Signed-off-by: Patrick Jennings <pajennin@redhat.com> * Splitting client type attribute enum into 3 separate enums, representing the top level ClientModel fields, the extended attributes through the client_attributes table, and the composable fields on ClientRepresentation. Signed-off-by: Patrick Jennings <pajennin@redhat.com> * Removing reflection use for client types. Validation will be done in the RepresentationToModel methods that are responsible for the ClientRepresentation -> ClientModel create and update static methods. Signed-off-by: Patrick Jennings <pajennin@redhat.com> More updates Signed-off-by: Patrick Jennings <pajennin@redhat.com> * Update client utilzes type aware client property update method. Signed-off-by: Patrick Jennings <pajennin@redhat.com> * If user inputted representation object does not contain non-null value, try to get property value from the client. Type aware client model will return non-applicable or default value to keep fields consistent. Signed-off-by: Patrick Jennings <pajennin@redhat.com> * Cleaning up RepresentationToModel Signed-off-by: Patrick Jennings <pajennin@redhat.com> * Fixing issue when updating client secret. Signed-off-by: Patrick Jennings <pajennin@redhat.com> * Fixing issue where created clients would not have fullscope allowed, because getter is a boolean and so cannot be null. Signed-off-by: Patrick Jennings <pajennin@redhat.com> * Need to be able to clear out client attributes on update as was allowed before and causing failures in integration tests. Signed-off-by: Patrick Jennings <pajennin@redhat.com> * Fixing issues with redirectUri and weborigins defaults in type aware clients. Signed-off-by: Patrick Jennings <pajennin@redhat.com> * Need to allow client attributes the ability to clear out values during update. Signed-off-by: Patrick Jennings <pajennin@redhat.com> * Renaming interface based on PR feedback. Signed-off-by: Patrick Jennings <pajennin@redhat.com> * Shall be able to override URI sets with an empty set. Signed-off-by: Patrick Jennings <pajennin@redhat.com> * Comments around fields that are primitive and may cause problems determining whether to set sane default on create. Signed-off-by: Patrick Jennings <pajennin@redhat.com> --------- Signed-off-by: Patrick Jennings <pajennin@redhat.com>	2024-05-02 12:22:02 +02:00
Ricardo Martin	65bdf1a604	Encode realm name in console URIs (#29102 ) Before this fix console uris (including the client redirect uris) did not contain the url encoded realm name and therefore were invalid. closes #25807 Signed-off-by: Philip Sanetra <code@psanetra.de> Signed-off-by: rmartinc <rmartinc@redhat.com> Co-authored-by: Philip Sanetra <code@psanetra.de> Co-authored-by: rmartinc <rmartinc@redhat.com>	2024-05-02 10:30:06 +02:00
Stefan Guilhen	02e2ebf258	Add check to prevent deserialization issues when the context token is not an AccessTokenResponse. - also adds a test for the refresh token on first login scenario. Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>	2024-04-30 12:02:10 -03:00
Geoffrey Fourmis	24d9a22f49	25815 do not remove previous refresh token for federated identity Signed-off-by: Geoffrey Fourmis <geoffrey.fourmis@gmail.com>	2024-04-30 12:02:10 -03:00
rmartinc	8042cd5d4f	Set client in the context for docker protocol Fix to execute again the docker test Closes #28649 Signed-off-by: rmartinc <rmartinc@redhat.com>	2024-04-30 10:17:17 +02:00
Pedro Igor	51352622aa	Allow adding realm users as an organization member Closes #29023 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-04-29 08:37:47 -03:00
Alexander Schwartz	d55a8b0b17	Run validation of email addresses only for new and changed email addresses Closes #29133 Signed-off-by: Alexander Schwartz <aschwart@redhat.com>	2024-04-29 07:38:26 -03:00
Stefan Guilhen	bfabc291cc	28843 - Introduce filtered (and paginated) searches for organizations Closes #28843 Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>	2024-04-25 12:38:20 -03:00
Stefan Guilhen	8fa2890f68	28818 - Reintroduce search by name for subgroups Closes #28818 Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>	2024-04-25 12:06:07 -03:00
vramik	d65649d5c0	Make sure organization are only manageable by the admin users with the manage-realm role Closes #28733 Signed-off-by: vramik <vramik@redhat.com>	2024-04-23 12:16:57 -03:00
Steven Hawkins	9486432f3f	fix: removing httpclient override (#28304 ) we need to have a dependency on commons-logging-jboss-logging closes: #21392 Signed-off-by: Steve Hawkins <shawkins@redhat.com>	2024-04-23 10:09:06 +02:00
Mark Banierink	ad32896725	replaced and removed deprecated token methods (#27715 ) closes #19671 Signed-off-by: Mark Banierink <mark.banierink@nedap.com> Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-04-23 09:23:37 +02:00
mposolda	337a337bf9	Grant urn:ietf:params:oauth:grant-type:pre-authorized_code was enabled even if oid4vc_vci feature is disabled closes #28968 Signed-off-by: mposolda <mposolda@gmail.com>	2024-04-22 18:31:46 +02:00
Tero Saarni	64862d568e	Convert database errors to 500 instead of 400. Signed-off-by: Tero Saarni <tero.saarni@est.tech>	2024-04-22 11:42:18 -03:00
Stefan Guilhen	f1532565b6	Don't use no-arg version of GroupModel.getSubGroupsStream() when fetching the subgroups from the GroupResource endpoint. - prevents pre-loading all groups; instead use the stream from the JPA adapter to load subgroups one by one and then filter based on the user permissions. Closes #28935 Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>	2024-04-22 11:27:29 -03:00
Marek Posolda	b553fc2ae0	Fix compilation error (#28965 ) closes #28964 Signed-off-by: mposolda <mposolda@gmail.com>	2024-04-22 11:19:33 +00:00
Erwin Rohde	10544a5a93	socketTimeoutUnits and establishConnectionTimeoutUnits use TimeUnit set in HttpClientBuilder Closes #28881 Signed-off-by: Erwin Rohde <erwin@rohde.nu>	2024-04-22 08:11:11 -03:00
Douglas Palmer	ed22530d16	Failure reset time is applied to Permanent Lockout Closes #28821 Signed-off-by: Douglas Palmer <dpalmer@redhat.com>	2024-04-22 11:47:22 +02:00
Stefan Wiedemann	b08c644601	Support credentials issuance through oid4vci (#27931 ) closes #25940 Signed-off-by: Stefan Wiedemann <wistefan@googlemail.com>	2024-04-22 11:37:55 +02:00
Lex Cao	7e034dbbe0	Add IdpConfirmOverrideLinkAuthenticator to handle duplicate federated identity (#26393 ) Closes #26201. Signed-off-by: Lex Cao <lexcao@foxmail.com> Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>	2024-04-22 11:30:14 +02:00
etiksouma	1afd20e4c3	return proper error message for admin users endpoint closes #28416 Signed-off-by: etiksouma <al@mouskite.com>	2024-04-20 12:17:53 +02:00
Pedro Ruivo	3e0a185070	Remove deprecated EnvironmentDependentProviderFactory.isSupported method Closes #26280 Signed-off-by: Pedro Ruivo <pruivo@redhat.com>	2024-04-19 16:36:49 +02:00
Giuseppe Graziano	f6071f680a	Avoid the same userSessionId after re-authentication Closes keycloak/keycloak-private#69 Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>	2024-04-19 14:44:39 +02:00
mposolda	c427e65354	Secondary factor bypass in step-up authentication closes #34 Signed-off-by: mposolda <mposolda@gmail.com> (cherry picked from commit e632c03ec4dbfbb7c74c65b0627027390b2e605d)	2024-04-19 14:43:53 +02:00
Giuseppe Graziano	897c44bd1f	Validation of providerId during required action registration Closes #26109 Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>	2024-04-19 13:06:51 +02:00
Joerg Matysiak	76a5a27082	Refactored StripSecretsUtils in order to make it unit-testable, added unit tests for it Don't mask secrets at realm export Closes #21562 Signed-off-by: Joerg Matysiak <joerg.matysiak@bosch.com>	2024-04-18 18:26:47 -03:00
Pedro Igor	7483bae130	Make sure admin events are not referencing sensitive data from their representation Closes #21562 Signed-off-by: Joerg Matysiak <joerg.matysiak@bosch.com>	2024-04-18 18:26:47 -03:00
cgeorgilakis-grnet	89263f5255	Fix refresh token scope in refresh token flow with scope request parameter Closes #28463 Signed-off-by: cgeorgilakis-grnet <cgeorgilakis@admin.grnet.gr>	2024-04-18 16:17:46 -03:00
Ricardo Martin	4c2542b91f	Better management of domains in TrustedHostClientRegistrationPolicy (#139 ) (#28876 ) Closes keycloak/keycloak-private#63 Signed-off-by: rmartinc <rmartinc@redhat.com>	2024-04-18 16:06:50 +02:00
Ricardo Martin	8daace3f69	Validate Saml URLs inside DefaultClientValidationProvider (#135 ) (#28873 ) Closes keycloak/keycloak-private#62 Signed-off-by: rmartinc <rmartinc@redhat.com>	2024-04-18 16:04:13 +02:00
Ricardo Martin	fc6b6f0d94	Perform exact string match if redirect URI contains userinfo, encoded slashes or parent access (#131 ) (#28872 ) Closes keycloak/keycloak-private#113 Closes keycloak/keycloak-private#134 Signed-off-by: rmartinc <rmartinc@redhat.com> Co-authored-by: Stian Thorgersen <stianst@gmail.com>	2024-04-18 16:02:24 +02:00
Hynek Mlnarik	9d1433d266	Update URL builder Fixes: keycloak/keycloak-quickstarts#548 Signed-off-by: Hynek Mlnarik <hmlnarik@redhat.com>	2024-04-18 14:50:10 +02:00
vramik	860f3b7320	Prevent updating IdP via organization API not linked with the organization Closes #28833 Signed-off-by: vramik <vramik@redhat.com>	2024-04-18 09:14:54 -03:00
Stian Thorgersen	0d60e58029	Restrict the token types that can be verified when not using the user info endpoint (#146 ) (#28866 ) Closes #47 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com> Conflicts: core/src/main/java/org/keycloak/util/TokenUtil.java testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/oauth/ClientTokenExchangeTest.java Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-04-18 14:11:05 +02:00
Stian Thorgersen	cbc4a8c305	Limit requests sent through session status iframe (#132 ) (#28864 ) Closes #116 Signed-off-by: Jon Koops <jonkoops@gmail.com> Co-authored-by: Jon Koops <jonkoops@gmail.com>	2024-04-18 14:02:37 +02:00
rmartinc	ddacfbdefd	Remove deprecated LinkedIn social provider Closes #23127 Signed-off-by: rmartinc <rmartinc@redhat.com>	2024-04-18 10:10:58 +02:00
Pedro Igor	f0f8a88489	Automatically fill username when authenticating to through a broker Closes #28848 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-04-18 08:24:34 +02:00
Pedro Igor	1e3837421e	Organization member onboarding using the organization identity provider Closes #28273 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-04-17 07:24:01 -03:00
Jon Koops	3216e7c781	Only allow a known refferer URI for the Account Console (#28743 ) Closes #27628 Signed-off-by: Jon Koops <jonkoops@gmail.com>	2024-04-16 17:24:22 +02:00
Pedro Ruivo	63cb137b37	Remove usages of EnvironmentDependentProviderFactory.isSupported Closes #28751 Signed-off-by: Pedro Ruivo <pruivo@redhat.com>	2024-04-16 09:43:23 +02:00
Stefan Guilhen	2ab8bf852d	Add validation for the organization's internet domains. Closes #28634 Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>	2024-04-15 09:03:52 -03:00
Patrick Jennings	5e0d323304	Log exception when failure to augment client and re-throw instead of returning the raw client. Signed-off-by: Patrick Jennings <pajennin@redhat.com>	2024-04-15 09:39:34 +02:00
Patrick Jennings	551a3db987	Updating validation logic to match our expectations on what applicable should mean. Signed-off-by: Patrick Jennings <pajennin@redhat.com>	2024-04-15 09:39:34 +02:00
Patrick Jennings	03db2e8b56	Integration tests around client type parameter validation. Throw common ClientTypeException with invalid params requested during client creation/update requests. This gets translated into ErrorResponseException in the Resource handlers. Signed-off-by: Patrick Jennings <pajennin@redhat.com>	2024-04-15 09:39:34 +02:00
Patrick Jennings	9814733dd3	DefaultClientType service will now validate all client type default values and respond with bad request message with the affending parameters that attempt to override readonly in the client type config. Signed-off-by: Patrick Jennings <pajennin@redhat.com>	2024-04-15 09:39:34 +02:00
Patrick Jennings	c0f5dab209	If client cannot be augmented due to error, we shall return the un-augmented client entity. Signed-off-by: Patrick Jennings <pajennin@redhat.com>	2024-04-15 09:39:34 +02:00
Patrick Jennings	42202ae45e	Translate client type exception during client create into bad request response. Signed-off-by: Patrick Jennings <pajennin@redhat.com>	2024-04-15 09:39:34 +02:00
Giuseppe Graziano	4672366eb9	Simplified checks in IntrospectionEndpoint (#28642 ) Closes #24466 Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com> Co-authored-by: mposolda <mposolda@gmail.com>	2024-04-12 21:19:04 +02:00
Marek Posolda	e6747bfd23	Adjust priority of SubMapper (#28663 ) closes #28661 Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>	2024-04-12 14:13:03 +02:00
Pedro Igor	61b1eec504	Prevent members with an email other than the domain set to an organization Closes #28644 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-04-12 08:33:18 -03:00
rmartinc	6d74e6b289	Escape slashes in full group path representation but disabled by default Closes #23900 Signed-off-by: rmartinc <rmartinc@redhat.com>	2024-04-12 10:53:39 +02:00

1 2 3 4 5 ...

4637 commits