Commit graph

925 commits

Author SHA1 Message Date
Pedro Ruivo
2387549308 Upgrade Infinispan to 14.0.27.Final
Closes #28033

Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
2024-03-19 11:18:42 +01:00
Stefan Wiedemann
67d3e1e467
Issue Verifiable Credentials in the VCDM format #25943 (#27071)
closes #25943


Signed-off-by: Stefan Wiedemann <wistefan@googlemail.com>
2024-03-18 17:05:53 +01:00
Václav Muzikář
7ffba27336 Upgrade to Quarkus 3.8.2
Closes #27696

Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>
2024-03-15 10:49:43 +01:00
Stian Thorgersen
81f3f211f3
Delete all deprecated and unmaintained examples (#27855)
Signed-off-by: stianst <stianst@gmail.com>
2024-03-15 07:24:20 +01:00
Ryan Emerson
a32808e8eb
Upgrade to Infinispan 14.0.26.Final
Closes #27871

Signed-off-by: Ryan Emerson <remerson@redhat.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
2024-03-13 17:24:20 +00:00
Ryan Emerson
daa4e4a96d
Downgrade aws-advanced-jdbc-wrapper to v2.3.1
Closes #27798

Signed-off-by: Ryan Emerson <remerson@redhat.com>
2024-03-12 10:55:28 +00:00
Alexander Schwartz
050acf0d94
Map Storage Removal: Remove deprecated model/legacy module (#27601)
Closes #26657

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-03-08 15:17:24 +00:00
Stu Tomlinson
662ab9811b
keycloak-model-legacy is deprecated, not removed
Closes #27529

Signed-off-by: Stu Tomlinson <stu@nosnilmot.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
2024-03-05 14:09:38 +01:00
Ryan Emerson
244ecd45a7
Upgrade to Aurora Postgres 15.5
Closes #27509

Signed-off-by: Ryan Emerson <remerson@redhat.com>
2024-03-05 10:29:20 +01:00
Ryan Emerson
b066c59a83 Upgrade aws-advanced-jdbc-wrapper to v2.3.4. Resolves #27478
Signed-off-by: Ryan Emerson <remerson@redhat.com>
2024-03-04 16:20:58 +01:00
Václav Muzikář
4eb8d51ead
Upgrade to Quarkus 3.8 (#27370)
Closes #26859
Closes #27204

Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>
2024-02-29 10:44:18 +01:00
Ryan Emerson
0c67959326
Downgrade aws-advanced-jdbc-wrapper to v2.3.1
Closes #27290

Signed-off-by: Ryan Emerson <remerson@redhat.com>
2024-02-27 13:44:47 +01:00
Alexander Schwartz
516d86cda6
Upgrade to Infinispan 14.0.25 (#27288)
Closes #27280

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-02-26 13:59:10 +01:00
Václav Muzikář
35537d6289
Upgrade to Quarkus 3.7.4 (#27231)
Closes #27226

Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>
2024-02-22 12:42:46 -03:00
Alexander Schwartz
7135b4ec4c
Add Amazon Aurora PostgreSQL to the list of tested databases (#27049)
Closes #27048

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-02-19 09:16:49 +01:00
Václav Muzikář
738277b2c2
Upgrade to Quarkus 3.7.3 (#27037)
Closes #27036

Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>
2024-02-15 15:03:56 +01:00
Václav Muzikář
cdb1841828
Upgrade to Quarkus 3.7.2 (#26938)
Closes #26916

Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>
2024-02-12 09:23:24 +01:00
Alexander Schwartz
ebf31671e0
Upgrade Infinispan to the latest version (#26850)
Closes #26812

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-02-09 10:52:27 +01:00
Steven Hawkins
402c7d9b18
Removing version overrides and further aligning with quarkus versions (#26788)
* elevating wildfly-elytron-http-oidc version management

Signed-off-by: Steve Hawkins <shawkins@redhat.com>

* removing testing dependency overrides

Signed-off-by: Steve Hawkins <shawkins@redhat.com>

* further version aligment with quarkus

Signed-off-by: Steve Hawkins <shawkins@redhat.com>

* adding a resteay-core-spi that can be overriden

Signed-off-by: Steve Hawkins <shawkins@redhat.com>

* removing hamcrest override

Signed-off-by: Steve Hawkins <shawkins@redhat.com>

* aligning with 3.7.1

Signed-off-by: Steve Hawkins <shawkins@redhat.com>

---------

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
2024-02-07 17:57:23 +01:00
Steven Hawkins
54a55bf1a6 Update pom.xml
Co-authored-by: Václav Muzikář <vaclav@muzikari.cz>
2024-02-07 13:47:57 -03:00
Steve Hawkins
a9f746380a task: upgrade to osgi 6.0.0
closes #26823

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
2024-02-07 13:47:57 -03:00
Stian Thorgersen
c4b1fd092a
Use code from RestEasy to create and set cookies (#26558)
Closes #26557

Signed-off-by: stianst <stianst@gmail.com>
2024-02-06 15:14:04 +01:00
Alexander Schwartz
3023d5fbaa Align JDBC drivers with Quarkus upstream
Closes #26570

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-02-05 19:07:25 +01:00
Stefan Guilhen
fbeba83b87 Upgrade liquibase to version 4.25.1
Closes #26570

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
2024-02-05 19:07:25 +01:00
Václav Muzikář
8833b9d2ac
Upgrade to Quarkus 3.7.1 (#26736)
Closes #26701
Closes #23854

Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>
2024-02-02 15:57:23 +00:00
Martin Bartoš
14d97ca9ea Update Maven dependency versions for docs
Update Maven Wrapper version

Closes #26689

Fixes #26686

Signed-off-by: Martin Bartoš <mabartos@redhat.com>
2024-02-01 13:42:25 +01:00
Steven Hawkins
37acb2fd09
task: upgrading to quarkus 3.7.0.CR1 (#26203)
there are several downgrades from the quarkus versions, and some
additional logic needed to handle changes with re-creating the
configuration

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
2024-01-31 18:23:07 +00:00
Martin Kanis
7797f778d1 Map Store Removal: Rename legacy modules
Closes #24107

Signed-off-by: Martin Kanis <mkanis@redhat.com>
2024-01-25 16:29:16 +01:00
Takashi Norimatsu
b99f45ed3d Supporting EdDSA
closes #15714

Signed-off-by: Takashi Norimatsu <takashi.norimatsu.ws@hitachi.com>

Co-authored-by: Muhammad Zakwan Bin Mohd Zahid <muhammadzakwan.mohdzahid.fg@hitachi.com>
Co-authored-by: rmartinc <rmartinc@redhat.com>
2024-01-24 12:10:41 +01:00
Stian Thorgersen
fea49765f0
Remove Jetty 9.4 adapters (#26261)
Only removing the distribution of the Jetty adapter for now, and leaving the rest for now. This is due to the complexity of removing all Jetty adapter code due to Spring, OSGI, Fuse, testsuite, etc. and it will be better to leave the rest of the clean-up to after 24 when we are removing most adapters

Closes #26255

Signed-off-by: stianst <stianst@gmail.com>
2024-01-24 11:17:29 +01:00
Douglas Palmer
ee5593a88f CVE-2022-1471- SnakeYaml remote code execution by sending malicious YAML content
Closes #25261
Signed-off-by: Douglas Palmer dpalmer@redhat.com
2024-01-24 11:08:17 +01:00
Alexander Schwartz
a8eca6add0
Changing to the Infinispan BOM to avoid mis-aligned Infinispan dependencies (#26137)
Closes #22922

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
Co-authored-by: Pedro Ruivo <pruivo@redhat.com>
2024-01-15 09:20:47 +01:00
Martin Kanis
022e809373 Map Store Removal: Remove protostream dependency
Closes #25288

Signed-off-by: Martin Kanis <mkanis@redhat.com>
2024-01-03 16:04:00 +01:00
Michal Hajas
b1777defbd Upgrade Infinispan to 14.0.21.Final
Closes #25287

Signed-off-by: Michal Hajas <mhajas@redhat.com>
2023-12-05 13:20:55 +01:00
Alfredo Moises Boullosa
0b48bef0b1 Update springboot version
Signed-off-by: Alfredo Moises Boullosa <aboullos@redhat.com>
2023-12-04 11:15:51 +01:00
Václav Muzikář
1be51ee510 Downgrade Oracle driver
Closes #24983

Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>
2023-11-27 16:07:59 +01:00
Jean-Francois Denise
203eb3421a Add Galleon layer metadata to the SAML Galleon feature-pack
Signed-off-by: Jean-Francois Denise <jdenise@redhat.com>
2023-11-22 10:56:27 +01:00
Václav Muzikář
3bc7ef7ed5
Update to Quarkus 3.2.9 (#24842)
Closes #24841
Closes #24160

Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>
Co-authored-by: Bruno Oliveira da Silva <bruno@abstractj.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
2023-11-20 14:27:13 +01:00
Martin Bartoš
fd56666334 SAML ECP does not work on the latest WF/EAP8
Fixes #24746

Signed-off-by: Martin Bartoš <mabartos@redhat.com>
2023-11-16 21:17:19 +01:00
vramik
6fa26d7ff4 Delete map dependencies from dependency management
Closes #24101
2023-11-08 13:53:17 +01:00
Peter Skopek
e5eded0eab
Add possibility to override fileName and base directory of Keycloak Quarkus distribution ZIP archive (#24284)
Closes #24283

Signed-off-by: Peter Skopek <pskopek@redhat.com>
2023-11-07 10:31:58 +01:00
Bruno Oliveira da Silva
599cc41715 CVE-2023-44483 - Insertion of Sensitive Information into Log File vulnerability in org.apache.santuario:xmlsec
Closes #24224
2023-10-31 10:51:03 +01:00
Bruno Oliveira da Silva
8df561c675 CVE-2023-4586 - Hot Rod client does not enable hostname validation when using TLS that lead to a MITM attack
A vulnerability was found in the Hot Rod client. This security issue
occurs as the Hot Rod client does not enable hostname validation when
using TLS, possibly resulting in a man-in-the-middle (MITM) attack.

Closes #24328

Signed-off-by: Bruno Oliveira da Silva <bruno@abstractj.com>
2023-10-30 15:57:53 +01:00
Jon Koops
5464205ab2
Cache Node.js installation and PNPM store
Closes #23695
2023-10-30 07:50:06 -04:00
Martin Bartoš
9627187447
Adapter tests failing with Jakarta error (#24177)
Fixes #24176
2023-10-24 10:11:48 -04:00
Bruno Oliveira da Silva
b05b575646
CVE-2023-44487 Denial of Service (DoS) vulnerability in io.netty (#24115)
Closes #23949
2023-10-20 09:13:27 +02:00
Stefan Guilhen
a4073bae46 Upgrade H2 to 2.2.224
Closes #24064
2023-10-18 18:09:49 +02:00
Sophie Tauchert
9df1c781eb Fix generated OpenAPI spec
Changes:
- update the smallrye openapi generator plugin to latest to correctly handle
  Stream<T> responses
- add annotations to RealmRepresentation.clientProfiles and .clientPolicies
2023-10-10 11:41:46 +02:00
vramik
7f2f4aae67 Upgrade liquibase version to avoid a bug where a changeset is executed twice
Closes #23220
2023-10-05 13:35:05 +02:00
Alex Szczuczko
7953085ed2
Fix set-version.sh's handling of NPM versions (#23638)
This introduces a maven property, `project.version.npm`, to allow maven to know what NPM version is, in scenarios that it's not identical to `project.version`. This occurs when the set-version's semver translation code is activated

Closes #23635
2023-10-04 08:00:53 +02:00
rmartinc
7afd90982d Align wildfly-core and wildfly version for tests
Closes https://github.com/keycloak/keycloak/issues/23342
2023-09-21 10:53:57 +02:00
Václav Muzikář
07bd6a3983
Upgrade to Quarkus 3.2.6 (#23281)
Closes #23280
2023-09-15 13:46:43 +02:00
Pedro Igor
63fc38ca1f
Marking wildfly-common as compile scope (#23105) 2023-09-11 16:08:32 +02:00
Alexander Schwartz
93a80e9278
Upgrade to Infinispan 14.0.17 (#23097)
Closes #23046
2023-09-08 17:26:40 +02:00
Alexander Schwartz
2eb37dbe4f Remove MS SQL JDBC driver from the Keycloak product
Closes #22983
2023-09-07 15:30:34 +02:00
Peter Skopek
35c2d52a54 Set distinct wildfly-common versions for Quarkus and WildFly based modules
Signed-off-by: Peter Skopek <pskopek@redhat.com>
2023-09-07 13:32:25 +02:00
Peter Skopek
bca5fe8051 Tidy up SAML Adapter Galleon Feature Pack build
Signed-off-by: Peter Skopek <pskopek@redhat.com>
2023-09-07 13:32:25 +02:00
Farah Juma
ec08a7bb73 Update the Keycloak SAML adapter subsystem to no longer use the AttributeDefinition#getAttributeMarshaller method
Closes https://github.com/keycloak/keycloak/issues/22593

Signed-off-by: Peter Skopek <pskopek@redhat.com>
2023-09-07 13:32:25 +02:00
Peter Skopek
ef272f7668 SAML Adapter fix for EAP8 and WF29
Signed-off-by: Peter Skopek <pskopek@redhat.com>
2023-09-07 13:32:25 +02:00
Peter Skopek
c92d10c750 Remove org.jetbrains:annotations:jar from server distribution. (#23015)
Signed-off-by: Peter Skopek <pskopek@redhat.com>
2023-09-06 22:24:00 +02:00
Alexander Schwartz
71fa95721d
Upgrade to Infinispan 14.0.16 (#22945)
Closes #22932
2023-09-05 10:08:46 +02:00
Alexander Schwartz
65a3af8a1e
Upgrade to Infinispan 14.0.15.Final (#22887)
Closes #22855
2023-09-01 17:59:42 +02:00
Václav Muzikář
34348157ce
Upgrade to Quarkus 3.2.5.Final (#22746)
* Upgrade to Quarkus 3.2.5.Final
* Update K8s version

Closes #22745
2023-08-30 09:36:35 +02:00
Jon Koops
94f41444f4
Bump Node.js and PNPM versions (#22796) 2023-08-29 14:54:49 -04:00
Václav Muzikář
27b23ccefb
Upgrade to Quarkus 3.2.4.Final (#22419)
Closes #22418
2023-08-16 16:30:16 +02:00
Peter Skopek
ec2728c55c Update webauth4j to 0.21.5.RELEASE
Closes #22464
2023-08-16 10:21:18 -03:00
Alexander Schwartz
dfc8c80264
Upgrade to Infinispan 14.0.14 (#22386)
Closes #21092
2023-08-16 14:43:03 +02:00
Václav Muzikář
4b537bee42 Upgrade to Quarkus 3.2.3
Closes #22220
2023-08-04 14:51:26 +02:00
Václav Muzikář
ecdf8e897f
Upgrade to Quarkus 3.2.2.Final (#21912)
Closes #21907
2023-07-26 16:20:23 +02:00
Alexander Schwartz
7c9593f88a
Upgrade Infinispan to 14.0.13.Final (#21565)
Closes #21564
2023-07-20 16:59:19 +00:00
Václav Muzikář
776bcbcbd4
Update bcpkix and bcprov dependencies (#21543)
Closes #21360
2023-07-20 11:57:18 +02:00
Bruno Oliveira da Silva
ebf878e1f0
CVE-2022-45868 H2 Cleartext Storage of Sensitive Information (#21568)
Closes #21567
2023-07-11 08:09:24 +02:00
Václav Muzikář
97a37f565e
Align guava dependency with the Quarkus Platform BOM (#21544)
Closes #21364
2023-07-10 16:13:13 +02:00
Bruno Oliveira da Silva
ebc9e9f4ef CVE-2023-21971 - Update Connector/J to 8.0.33
Updates to the library name to align with the changes here:
- https://dev.mysql.com/doc/relnotes/connector-j/8.0/en/news-8-0-31.html

Closes #21199
2023-07-07 20:48:38 +02:00
Gregor Tudan
4517ef5d7e
Bump Freemarker to Version 2.3.32. (#16866)
Co-authored-by: Bruno Oliveira da Silva <bruno@abstractj.com>
2023-07-07 10:40:59 -03:00
Peter Zaoral
2b1c29a6f2 Use Quarkus Platform BOM
Closes #20570
Closes #15870

Co-authored-by: Peter Zaoral <pzaoral@redhat.com>
2023-07-06 12:45:48 -03:00
Alexander Schwartz
3f1553c6cb Referencing information in pom.xml for the list of tested databases
Closes: #21349
2023-07-06 11:39:11 -03:00
Miquel Simon
e1eb5146a6 Closes #20226 and #20227. Upgrade ojdbc11 version due to CVE-2022-21510 and CVE-2022-21511. 2023-07-06 13:27:39 +02:00
Miquel Simon
9513cbbca0
Upgrade nexus staging maven plugin version (#21428)
Closes #21427
2023-07-04 11:00:04 +00:00
mposolda
0ea2891eee Remove support for OpenJDK 11 on the server side
closes #15014
2023-07-03 13:12:22 -03:00
Václav Muzikář
8db6f8185b Upgrade to Quarkus 3.2.0.Final and QOSDK 6.2.0
Closes #21272
2023-07-03 08:11:18 -03:00
Václav Muzikář
ad988ca914 Upgrade to Quarkus 3.2.0.Final and QOSDK 6.2.0
Closes #21272
2023-07-03 08:11:18 -03:00
Miquel Simon
83d043e7a8
Upgrade supported and tested version of Postgresql to 15 in order to match supported configuration for Keycloak 22. (#21333)
Closes #21338
2023-06-30 11:29:06 +00:00
Joshua Sorah
f695eeaa44 Refactor Admin REST API Documentation to use OpenAPI annotations.
Removes dependencies on swagger-doclet
Adds dependencies on microprofile-openapi-api
Plugins for smallrye-open-api-maven-plugin, openapi-generator-maven-plugin

Customized ascii doc template for openapi-generator-maven-plugin, to give similar feel to previous documentation.

OpenAPI annotations added to Admin REST API resources.

Closes keycloak/keycloak#20433
2023-06-29 17:03:38 +02:00
Bruno Oliveira da Silva
67c64c37df Guava vulnerable to insecure use of temporary directory
Closes #21079
2023-06-23 11:50:17 -03:00
Bruno Oliveira da Silva
4103ec58d8 Update to Quarkus 3.1.2.Final
Closes #21051
2023-06-19 12:59:11 -03:00
Martin Bartoš
c3000984db
Upgrade to Quarkus 3.1.1.Final (#20958)
Co-authored-by: Bruno Oliveira da Silva <bruno@abstractj.com>
2023-06-14 08:51:38 -03:00
Jon Koops
72af6a0454
Enable Dependabot for PNPM (#20975) 2023-06-14 07:24:27 +02:00
Bruno Oliveira da Silva
f90536d6be
High severity - Use of a Broken or Risky Cryptographic Algorithm vulnerability in org.bitbucket.b_c:jose4j (#20632)
Closes #20631
2023-06-13 08:22:50 +02:00
Alexander Schwartz
475b4fa05b
Remove override of mime4j version in parent pom (#20893)
Closes #20892

Co-authored-by: Stian Thorgersen <stianst@gmail.com>
2023-06-12 13:23:41 +02:00
Martin Kanis
5730b54ac7 keycloak-server from testsuite won't start
Closes #20920
2023-06-12 13:22:21 +02:00
Alexander Schwartz
4d0fa6796f
Upgrade to Infinispan 14.0.10.Final (#20804)
Closing #20803
2023-06-08 10:43:22 +02:00
Jon Koops
fcd2a5138d
Update dependencies to latest version (#20788) 2023-06-06 12:35:06 -04:00
Bruno Oliveira da Silva
dcdd102f8c
Update Keycloak to Quarkus 3.1.0.Final (#20698)
Closes #20697
2023-06-01 13:50:15 +02:00
Václav Muzikář
f627e9535f
Add support to the Operator for setting default labels on Keycloak pods (#20661)
Closes #20625
2023-06-01 13:39:41 +02:00
stianst
0832992e59 Removing OpenShift integration and moving to separate extension
closes #20496

Co-authored-by: mposolda <mposolda@gmail.com>
2023-05-30 17:39:32 +02:00
Bruno Oliveira da Silva
38994de056
Update Keycloak to Quarkus 3.0.4.Final (#20561)
Closes #20560
2023-05-25 15:42:43 +02:00
rmartinc
827943571e Downgrade jna to 4.5.1 to align with prod
Closes https://github.com/keycloak/keycloak/issues/20387
2023-05-24 11:43:20 +02:00
mposolda
588265e463 Upgrade owasp sanitizer to newest version
closes #20388
2023-05-23 09:57:14 +02:00
dependabot[bot]
22593c5878
Bump undertow-core from 2.2.22.Final to 2.2.24.Final (#20463)
Bumps [undertow-core](https://github.com/undertow-io/undertow) from 2.2.22.Final to 2.2.24.Final.
- [Commits](https://github.com/undertow-io/undertow/compare/2.2.22.Final...2.2.24.Final)

---
updated-dependencies:
- dependency-name: io.undertow:undertow-core
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-05-22 16:31:19 +02:00