libre.sh/keycloak-scim
2
0
Fork 0
Code Issues 14 Pull requests Releases Packages Activity Actions 6
22115 commits 4 branches 5 tags 480 MiB
Commit graph

22115 commits

This branch
This branch
All branches
Author SHA1 Message Date
Marek Posolda
8080085cc1
Removing 'http challenge' authentication flow and related authenticators (#20731) 
closes #20497


Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
 2023-06-08 14:52:34 +02:00
Alexander Schwartz
4d0fa6796f
Upgrade to Infinispan 14.0.10.Final (#20804) 
Closing #20803
 2023-06-08 10:43:22 +02:00
Hynek Mlnarik
12dd3edb10 Fix pagination issue with H6 
With Hibernate ORM 6, pagination started to be unreliable: When
setting the max results only if the first row was 0 has randomly
affected other threads where first row was greater than 0. The
latter thread sometimes produced query which did *not* account
for the offset (cf. threads `-t1` and `-t2` below, while `-t2`
missed the `offset ? rows` part whic `-t3` has).

This has been fixed by setting the first row offset unconditionally.

Closes: #20202
Closes: #16570

```
2023-06-02 10:19:03.855000 TRACE [org.keycloak.models.sessions.infinispan.initializer.SessionInitializerWorker] (blocking-thread-node-2-p8-t1) Running computation for segment 0 with worker 0
2023-06-02 10:19:03.856000 TRACE [org.keycloak.models.sessions.infinispan.initializer.OfflinePersistentUserSessionLoader] (blocking-thread-node-2-p8-t1) Loading sessions for segment=0 lastSessionId=00000000-0000-0000-0000-000000000000 first=0
2023-06-02 10:19:03.856000 DEBUG [org.keycloak.models.jpa.PaginationUtils] (blocking-thread-node-2-p8-t1) Set max to 64 in org.hibernate.query.sqm.internal.QuerySqmImpl@2fb60f8b
2023-06-02 10:19:03.856000 DEBUG [org.keycloak.models.jpa.PaginationUtils] (blocking-thread-node-2-p8-t1) After pagination: 0, 64
2023-06-02 10:19:03.857000 TRACE [org.keycloak.models.sessions.infinispan.initializer.SessionInitializerWorker] (blocking-thread-node-2-p8-t2) Running computation for segment 1 with worker 1
2023-06-02 10:19:03.857000 TRACE [org.keycloak.models.sessions.infinispan.initializer.OfflinePersistentUserSessionLoader] (blocking-thread-node-2-p8-t2) Loading sessions for segment=1 lastSessionId=00000000-0000-0000-0000-000000000000 first=64
2023-06-02 10:19:03.857000 TRACE [org.keycloak.models.sessions.infinispan.initializer.SessionInitializerWorker] (blocking-thread-node-2-p8-t3) Running computation for segment 2 with worker 2
2023-06-02 10:19:03.857000 DEBUG [org.keycloak.models.jpa.PaginationUtils] (blocking-thread-node-2-p8-t2) Set first to 64 in org.hibernate.query.sqm.internal.QuerySqmImpl@71464e9f
2023-06-02 10:19:03.857000 DEBUG [org.keycloak.models.jpa.PaginationUtils] (blocking-thread-node-2-p8-t2) Set max to 64 in org.hibernate.query.sqm.internal.QuerySqmImpl@71464e9f
2023-06-02 10:19:03.857000 DEBUG [org.keycloak.models.jpa.PaginationUtils] (blocking-thread-node-2-p8-t2) After pagination: 64, 64
2023-06-02 10:19:03.857000 TRACE [org.keycloak.models.sessions.infinispan.initializer.OfflinePersistentUserSessionLoader] (blocking-thread-node-2-p8-t3) Loading sessions for segment=2 lastSessionId=00000000-0000-0000-0000-000000000000 first=128
10:19:03,859 DEBUG [org.hibernate.SQL] (blocking-thread-node-2-p8-t1)
    select
        p1_0.OFFLINE_FLAG,
        p1_0.USER_SESSION_ID,
        p1_0.CREATED_ON,
        p1_0.DATA,
        p1_0.LAST_SESSION_REFRESH,
        p1_0.REALM_ID,
        p1_0.USER_ID
    from
        OFFLINE_USER_SESSION p1_0,
        REALM r1_0
    where
        r1_0.ID=p1_0.REALM_ID
        and p1_0.OFFLINE_FLAG=?
        and p1_0.USER_SESSION_ID>?
    order by
        p1_0.USER_SESSION_ID fetch first ? rows only
10:19:03,859 DEBUG [org.hibernate.SQL] (blocking-thread-node-2-p8-t2)
    select
        p1_0.OFFLINE_FLAG,
        p1_0.USER_SESSION_ID,
        p1_0.CREATED_ON,
        p1_0.DATA,
        p1_0.LAST_SESSION_REFRESH,
        p1_0.REALM_ID,
        p1_0.USER_ID
    from
        OFFLINE_USER_SESSION p1_0,
        REALM r1_0
    where
        r1_0.ID=p1_0.REALM_ID
        and p1_0.OFFLINE_FLAG=?
        and p1_0.USER_SESSION_ID>?
    order by
        p1_0.USER_SESSION_ID fetch first ? rows only
2023-06-02 10:19:03.860000 TRACE [org.hibernate.orm.jdbc.bind] (blocking-thread-node-2-p8-t1) binding parameter [1] as [VARCHAR] - [1]
2023-06-02 10:19:03.860000 TRACE [org.hibernate.orm.jdbc.bind] (blocking-thread-node-2-p8-t1) binding parameter [2] as [VARCHAR] - [00000000-0000-0000-0000-000000000000]
2023-06-02 10:19:03.860000 TRACE [org.hibernate.orm.jdbc.bind] (blocking-thread-node-2-p8-t1) binding parameter [3] as [INTEGER] - [64]
10:19:03,860 DEBUG [org.hibernate.SQL] (blocking-thread-node-2-p8-t3)
    select
        p1_0.OFFLINE_FLAG,
        p1_0.USER_SESSION_ID,
        p1_0.CREATED_ON,
        p1_0.DATA,
        p1_0.LAST_SESSION_REFRESH,
        p1_0.REALM_ID,
        p1_0.USER_ID
    from
        OFFLINE_USER_SESSION p1_0,
        REALM r1_0
    where
        r1_0.ID=p1_0.REALM_ID
        and p1_0.OFFLINE_FLAG=?
        and p1_0.USER_SESSION_ID>?
    order by
        p1_0.USER_SESSION_ID offset ? rows fetch first ? rows only
2023-06-02 10:19:03.861000 TRACE [org.hibernate.orm.jdbc.bind] (blocking-thread-node-2-p8-t3) binding parameter [3] as [INTEGER] - [128]
2023-06-02 10:19:03.861000 TRACE [org.hibernate.orm.jdbc.bind] (blocking-thread-node-2-p8-t3) binding parameter [4] as [INTEGER] - [64]
```

Co-authored-by: mkanis <mkanis@redhat.com>
 2023-06-07 20:45:34 +02:00
Miquel Simon
7e95d57faa Add Migration Tests to CI workflow 2023-06-07 19:43:48 +02:00
Steven Hawkins
075d913037
enabling keycloak to be a scalable resource (#20828) 
Closes #20825
 2023-06-07 17:57:25 +02:00
Saman-jafari
31db84e924 fix: issuedFor added to token to get client id into the token also redirect uri added to token and then passed to info template for "back to application" functionality 
test also added to check the availability of issueFor(azp) and redirect uri in Action
Fixes #14860
Fixes #15136
 2023-06-07 12:19:46 -03:00
Zvi Grinberg
ace83231ee Update RegexPolicyTest.java 
Add forgotten imports
 2023-06-07 10:18:10 -03:00
Zvi Grinberg
b29ce53f6e Fix bug in regex policy evaluation that it ignored flatted user claims that are mapped by protocol mappers to complex JSON structure in access token( in the access token JWT it's key and value is a JSON by itself) 
fixes: #20436
Signed-off-by: Zvi Grinberg <zgrinber@redhat.com>
 2023-06-07 10:18:10 -03:00
Steven Hawkins
d77041f177
mostly updating the logic to newer fabric8 apis (#20825) 
Closes #20822
 2023-06-07 14:58:39 +02:00
Vlasta Ramik
3b2dea64ac
Remove duplicated and unused PersistenceExceptionConverter (#20844) 
Closes #20842
 2023-06-07 14:46:36 +02:00
Peter Zaoral
f4cc6d7b76 Update the docs 
* updated the release notes
* updated the FIPS guide

Signed-off-by: Peter Zaoral <pzaoral@redhat.com>
 2023-06-07 09:23:12 -03:00
Alice Wood
7e56938b74 Extend group search attribute functionality to account for use case where only the leaf group is required 2023-06-07 08:52:23 -03:00
rmartinc
9bc30f4705 EventBuilder fixes to copy the store and session context 
Closes https://github.com/keycloak/keycloak/issues/20757
Closes https://github.com/keycloak/keycloak/issues/20105
 2023-06-07 08:34:27 -03:00
Jon Koops
9a8d1ca1f3
Stop waiting page load when calling assertCurrent() (#20786) 2023-06-07 13:13:46 +02:00
ComplexSpaces
1af4a7a532
Pass webauthn signature algorithm IDs as integers instead of strings (#20832) 
closes #20831
 2023-06-07 11:46:16 +02:00
Martin Bartoš
bea8778683 Use new method for obtaining DB dialect 2023-06-07 10:14:34 +02:00
Pedro Hos
9ebd94a3a8 Userinfo endpoint doesn't accept charset #20671 
Closes 20671
 2023-06-07 08:08:05 +02:00
Bruno Sanches
ecf4dbfb18
Check if formData is empty before putting login hint (#20733) 
closes keycloak#20732
 2023-06-06 17:14:08 -04:00
Václav Muzikář
0c2ac4f776
Remove mentions of temporary support for Java EE Admin Client (#20807) 2023-06-06 15:39:56 -03:00
Jon Koops
fcd2a5138d
Update dependencies to latest version (#20788) 2023-06-06 12:35:06 -04:00
Václav Muzikář
989ffe2d22
Remove Fabric8 override from the Operator (#20728) 
Closes #20130
 2023-06-06 13:58:20 +00:00
Artur Baltabayev
041441f48f
Improved Reset OTP authenticator (#20572) 
* ResetOTP authenticator can now be configured, so that one or all existing OTP configurations are deleted upon reset.

Closes #8753
---------

Co-authored-by: bal1imb <Artur.Baltabayev@bosch.com>
 2023-06-06 08:30:44 -03:00
Erik Jan de Wit
cbed5849f5
join title and expand section together (#20590) 
* join title and expand section together

fixes: #20329

* but expandable inside <li>
 2023-06-06 07:33:02 +02:00
Steven Hawkins
d045156ba4
Adding the ability to set ingressClassName (#20796) 
Closes #20723
 2023-06-05 21:10:39 +00:00
dependabot[bot]
d5ef798cac
Bump github/codeql-action from 2.3.3 to 2.3.6 (#20765) 
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.3.3 to 2.3.6.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/v2.3.6/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/v2.3.3...v2.3.6)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-06-05 17:28:02 -03:00
rmartinc
81aa588ddc Fix and correlate session timeout calculations in legacy and new map implementations 
Closes https://github.com/keycloak/keycloak/issues/14854
Closes https://github.com/keycloak/keycloak/issues/11990
 2023-06-05 18:46:23 +02:00
Jon Koops
8eee3f434b
Fix test for brute force detection of recovery codes (#20784) 2023-06-05 11:55:30 -04:00
Alexander Schwartz
2b16fda3a1
Setting ParallelGC as the default garbage collector (#20606) 
Closing #20568
 2023-06-05 17:48:28 +02:00
rmartinc
d80094793b Manage elytron configuration if configured for JDK-17 
Closes https://github.com/keycloak/keycloak/issues/20385
 2023-06-05 13:50:28 +02:00
Stan Silvert
d89679e62d
theme.properties customizations for account v3 (#20450) 
* theme.properties customizations for account v3
Fixes #20200

* theme.properties customizations for account v3
Fixes #20200

* Get rid of conditional hook

* Fix linting.

* Update js/apps/account-ui/src/root/Root.tsx

Co-authored-by: Jon Koops <jonkoops@gmail.com>

* Update js/apps/account-ui/src/environment.ts

Co-authored-by: Jon Koops <jonkoops@gmail.com>

---------

Co-authored-by: Jon Koops <jonkoops@gmail.com>
 2023-06-05 07:50:15 -04:00
Jon Koops
7ce96bb6d5
Remove workaround for legacy consoles from waitForPageToLoad (#20754) 2023-06-05 07:48:08 -04:00
Azarchaniel
381b9a7fd4
Fixed Slovak translations for plurals - seconds, minutes, hours, days (#20748) 
Closes #20742
 2023-06-05 09:59:06 +00:00
Alexander Schwartz
cd9e0be9f0 Filter first, then sort, and avoid atomics 
Closes #20394
 2023-06-05 11:23:54 +02:00
Stan Silvert
b63fccb062
Fix required getting toggled on when creating new UP attribute. (#20735) 
Fixes #20536
 2023-06-02 16:12:47 -04:00
Jon Koops
6ef73892a1
Add simplified Chinese localization for the Admin Console (#20752) 
Co-authored-by: Xiankun Li <xianli@redhat.com>
 2023-06-02 21:31:48 +02:00
Matthew Helmke
6ce9676d68 Update docs/documentation/internal_resources/contributing.adoc 
Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
 2023-06-02 07:58:59 -03:00
Matthew Helmke
4761ac1587 Update contributing.adoc 
Just fixed a link that went stale when the docs moved from their own repo into the main one.

Oh, and hello!! :D
 2023-06-02 07:58:59 -03:00
Aboullos
612fe33ade
Remove AccountUpdateProfilePage from the testsuite (#19362) 
closes #15202
 2023-06-02 11:46:49 +02:00
Daniele Martinoli
4eb05490f5
added per-instance filtering logic to search groups API (#20714) 2023-06-02 06:31:20 +00:00
Pedro Igor
f69ff5d270 Execution config not duplicated when duplicating flows 
Closes #12012
 2023-06-01 16:12:06 +02:00
Bruno Oliveira da Silva
dcdd102f8c
Update Keycloak to Quarkus 3.1.0.Final (#20698) 
Closes #20697
 2023-06-01 13:50:15 +02:00
Václav Muzikář
f627e9535f
Add support to the Operator for setting default labels on Keycloak pods (#20661) 
Closes #20625
 2023-06-01 13:39:41 +02:00
Jon Koops
cd9dce68da
Add eslint-plugin-react-hooks to enforce the Rules of Hooks (#20707) 2023-06-01 11:56:06 +02:00
Martin Kanis
43a2eb40f1 Documentation for User Storage Spi is incorrect 
Closes #19763
 2023-06-01 10:05:57 +02:00
Pedro Igor
4a85b21eb3
Removing unnecessary message from main command help text (#20692) 
Closes #20689
 2023-06-01 09:12:39 +02:00
Bruno Oliveira da Silva
9193e2e09e
Update Snyk Workflow to target other branches (#20601) 
Closes #20364

Co-authored-by: Stian Thorgersen <stianst@gmail.com>
 2023-06-01 09:03:09 +02:00
Erik Jan de Wit
f3c393f53e
use the "remember me" max time if set for expires (#20413) 
fixes: #9264
 2023-05-31 15:25:20 -04:00
Erik Jan de Wit
3862f82c2d
added fine-grained auth on EffectiveRoleMappingResource (#20417) 2023-05-31 10:09:18 -04:00
Pedro Igor
53dfb44a8f
Migration guide for JAX-RS changes (#20659) 
Closes #keycloak/keycloak#15454
 2023-05-31 13:50:34 +00:00
mposolda
bf9c5821cb Fix for certificate revalidation 
closes https://security.snyk.io/vuln/SNYK-JAVA-ORGKEYCLOAK-5291542
 2023-05-31 15:42:37 +02:00