keycloak-scim

Author	SHA1	Message	Date
Lex Cao	a43ba73b93	Skip link only when client is not system when logout (#24595 ) Signed-off-by: Lex Cao <lexcao@foxmail.com>	2024-01-31 17:50:26 +01:00
rmartinc	01be4032d8	Enable verify-profile required action by default Closes #25985 Signed-off-by: rmartinc <rmartinc@redhat.com>	2024-01-31 13:32:53 +01:00
Lex Cao	f83756b177	Error handle for the Json request in createErrorPage Closes #13368 These changes introduce a new error handler for building error based on the media type. - It should create error form response when it is valid HTML request - It could create error response with JSON if content type matches Signed-off-by: Lex Cao <lexcao@foxmail.com>	2024-01-31 09:31:30 -03:00
Václav Muzikář	4096a2657e	Supported option to specify site name for multi-site deployments Closes #26460 Signed-off-by: Václav Muzikář <vmuzikar@redhat.com> Signed-off-by: Alexander Schwartz <aschwart@redhat.com> Co-authored-by: Alexander Schwartz <aschwart@redhat.com>	2024-01-31 11:52:19 +00:00
mposolda	10ba70c972	Possibility to email being not required closes #26552 Signed-off-by: mposolda <mposolda@gmail.com> Co-authored-by: Jon Koops <jonkoops@gmail.com>	2024-01-31 10:57:10 +01:00
Thomas Darimont	346c2926f6	Fix error type in SAML response on missing destination We now use INVALID_SAML_RESPONSE insteadof INVALID_LOGOUT_RESPONSE. Added proposed test case. Closes #11178 Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com> Co-authored-by: Michal Hajas <mhajas@redhat.com> Co-authored-by: Chris Dolphy <cdolphy@redhat.com>	2024-01-31 09:32:14 +01:00
Stefan Wiedemann	fa948f37e0	Issue Verifiable Credentials in jwt_vc format #25941 (#26484 ) closes #25941 Signed-off-by: Stefan Wiedemann <wistefan@googlemail.com>	2024-01-30 18:35:20 +01:00
mposolda	1213556eff	Fixes for UsernameIDNHomographValidator closes #26564 Signed-off-by: mposolda <mposolda@gmail.com>	2024-01-30 14:30:28 +01:00
Chris Tanaskoski	5373f3c97a	Don't fail reset credentials action upon first broker login without `EXISTING_USER_INFO` (#26324 ) The ResetCredentialsActionTokenHandler depends upon the `EXISTING_USER_INFO` through `AbstractIdpAuthenticator.getExistingUser` solely to log the username. However, if the first broker login flow does not include a `IdpCreateUserIfUniqueAuthenticator` or `IdpDetectExistingBrokerUserAuthenticator`, the `EXISTING_USER_INFO` is never set. This commit does not attempt to fetch the existing user if we don't have this info set. Closes #26323 Signed-off-by: Chris Tanaskoski <chris@devristo.com>	2024-01-30 11:16:52 +00:00
TheKeeroll	13b8db0026	typo fix (#26526 ) Signed-off-by: TheKeeroll <57570053+TheKeeroll@users.noreply.github.com>	2024-01-29 11:40:21 +00:00
Stian Thorgersen	0fb6bdfcac	Cookie Provider - move remaining cookies (#26531 ) Closes #26500 Signed-off-by: stianst <stianst@gmail.com>	2024-01-29 11:06:37 +01:00
Lex Cao	cf3f05a259	Skip grant role if exists for federated storage (#26508 ) Closes #26507 Signed-off-by: Lex Cao <lexcao@foxmail.com>	2024-01-26 17:08:47 +00:00
Stian Thorgersen	bc3c27909e	Cookie Provider (#26499 ) Closes #26500 Signed-off-by: stianst <stianst@gmail.com>	2024-01-26 10:45:00 +01:00
Martin Kanis	7797f778d1	Map Store Removal: Rename legacy modules Closes #24107 Signed-off-by: Martin Kanis <mkanis@redhat.com>	2024-01-25 16:29:16 +01:00
Ricardo Martin	b58f35fb47	Revert "Enable verify profile required action by default for new realms" (#26495 ) This reverts commit `7f195acc14`. Signed-off-by: rmartinc <rmartinc@redhat.com>	2024-01-25 12:28:16 +01:00
Stian Thorgersen	cbfdae5e75	Remove support for multiple AUTH_SESSION_ID cookies (#26462 ) Closes #26457 Signed-off-by: stianst <stianst@gmail.com>	2024-01-25 06:58:42 +01:00
rmartinc	7f195acc14	Enable verify profile required action by default for new realms Closes #25985 Signed-off-by: rmartinc <rmartinc@redhat.com>	2024-01-24 20:28:06 +01:00
Thomas Darimont	e7363905fa	Change password hashing defaults according to OWASP recommendations (#16629 ) Changes according to the latest [OWASP cheat sheet for secure Password Storage](https://cheatsheetseries.owasp.org/cheatsheets/Password_Storage_Cheat_Sheet.html#pbkdf2): - Changed default password hashing algorithm from pbkdf2-sha256 to pbkdf2-sha512 - Increased number of hash iterations for pbkdf2-sha1 from 20.000 to 1.300.000 - Increased number of hash iterations for pbkdf2-sha256 from 27.500 to 600.000 - Increased number of hash iterations for pbkdf2-sha512 from 30.000 to 210.000 - Adapt PasswordHashingTest to new defaults - The test testBenchmarkPasswordHashingConfigurations can be used to compare the different hashing configurations. - Document changes in changes document with note on performance and how to keep the old behaviour. - Log a warning at the first time when Pbkdf2PasswordHashProviderFactory is used directly Fixes #16629 Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>	2024-01-24 18:35:51 +01:00
Florian Garcia	af0b9164e3	fix: hardcoded conditional rendering of client secret input field (#25776 ) Closes #22660 Signed-off-by: ImFlog <garcia.florian.perso@gmail.com> Co-authored-by: useresd <yousifmagdi@gmail.com>	2024-01-24 16:30:22 +01:00
Stian Thorgersen	85ddac26ed	Remove code that expires old cookie paths (#26444 ) Closes #26416 Signed-off-by: stianst <stianst@gmail.com>	2024-01-24 13:43:03 +01:00
Lex Cao	142c14138f	Add verify email required action for IdP email verification Closes #26418 Signed-off-by: Lex Cao <lexcao@foxmail.com>	2024-01-24 12:15:09 +01:00
Takashi Norimatsu	b99f45ed3d	Supporting EdDSA closes #15714 Signed-off-by: Takashi Norimatsu <takashi.norimatsu.ws@hitachi.com> Co-authored-by: Muhammad Zakwan Bin Mohd Zahid <muhammadzakwan.mohdzahid.fg@hitachi.com> Co-authored-by: rmartinc <rmartinc@redhat.com>	2024-01-24 12:10:41 +01:00
Martin Kanis	84603a9363	Map Store Removal: Rename Legacy* classes (#26273 ) Closes #24105 Signed-off-by: Martin Kanis <mkanis@redhat.com>	2024-01-23 13:50:31 +00:00
Peter Zaoral	d9f8a1bf4e	Testing Keycloak with nightly Quarkus releases (#23407 ) Closes #23322 Signed-off-by: Peter Zaoral <pzaoral@redhat.com>	2024-01-23 09:43:31 +01:00
Douglas Palmer	e7d842ea32	Invalidate session secretly Signed-off-by: Douglas Palmer <dpalmer@redhat.com>	2024-01-19 15:44:35 -03:00
Douglas Palmer	18d0105de0	Invalidate authentication session on repeated OTP failures Closes #26177 Signed-off-by: Douglas Palmer <dpalmer@redhat.com>	2024-01-19 15:44:35 -03:00
rmartinc	2f0a0b6ad8	Remove deprecated mode for saml encryption Closes #26291 Signed-off-by: rmartinc <rmartinc@redhat.com>	2024-01-18 16:52:10 +01:00
cgeorgilakis-grnet	ccade62289	Enhance error logs and error events during UserInfo endpoint and Token Introspection failure Closes #24344 Signed-off-by: cgeorgilakis-grnet <cgeorgilakis@admin.grnet.gr>	2024-01-16 11:26:29 +01:00
Alexander Schwartz	b9498b91cb	Deprecating the offline session preloading (#26160 ) Closes #25300 Signed-off-by: Alexander Schwartz <aschwart@redhat.com>	2024-01-16 09:29:01 +01:00
cgeorgilakis-grnet	a3257ce08f	OIDC Protocol Mappers with same claim Closes #25774 Signed-off-by: cgeorgilakis-grnet <cgeorgilakis@admin.grnet.gr>	2024-01-15 09:16:12 -03:00
rmartinc	e162974a8d	Integrate registration with terms and conditions required action Closes #25891 Signed-off-by: rmartinc <rmartinc@redhat.com>	2024-01-15 10:19:30 +01:00
Alexander Schwartz	a8eca6add0	Changing to the Infinispan BOM to avoid mis-aligned Infinispan dependencies (#26137 ) Closes #22922 Signed-off-by: Alexander Schwartz <aschwart@redhat.com> Signed-off-by: Pedro Ruivo <pruivo@redhat.com> Co-authored-by: Pedro Ruivo <pruivo@redhat.com>	2024-01-15 09:20:47 +01:00
MikeTangoEcho	c2b132171d	Add X509 thumbprint to JWT when using private_key_jwt Closes keycloak#12946 Signed-off-by: MikeTangoEcho <mathieu.thine@gmail.com>	2024-01-12 16:01:01 +01:00
Lex Cao	47f7e3e8f1	Use email verification instead of executing action for `send-verify-email` endpoint Closes #15190 Add support for `send-verify-email` endpoint to use the `email-verification.ftl` instead of `executeActions.ftl` Also introduce a new parameter `lifespan` to be able to override the default lifespan value (12 hours) Signed-off-by: Lex Cao <lexcao@foxmail.com>	2024-01-11 16:28:02 -03:00
Jon Koops	5eb7363ddd	Promote Account Console v3 to default and deprecate v2 (#25852 ) Closes #19663 Signed-off-by: Jon Koops <jonkoops@gmail.com> Co-authored-by: Martin Bartoš <mabartos@redhat.com>	2024-01-11 19:42:10 +01:00
mposolda	692aeee17d	Enable user profile by default closes #25151 Signed-off-by: mposolda <mposolda@gmail.com>	2024-01-11 12:48:44 -03:00
Patrick Hamann	d36913a240	Ensure protocol forced reauthentication is correctly mapped during SAML identity brokering Closes #25980 Signed-off-by: Patrick Hamann <patrick@fastly.com>	2024-01-10 20:46:35 +01:00
remi	b22efeec78	Add a toggle to use context attributes on the regex policy provider Signed-off-by: remi <remi.tuveri@gmail.com>	2024-01-10 16:15:25 -03:00
Réda Housni Alaoui	98230aa372	Add federated identity ProviderEvent(s) Signed-off-by: Réda Housni Alaoui <reda-alaoui@hey.com>	2024-01-10 11:56:38 -03:00
rmartinc	42f0488d76	Avoid returning duplicated users in LDAP and unsynced Closes #24141 Signed-off-by: rmartinc <rmartinc@redhat.com>	2024-01-10 12:47:15 +01:00
Réda Housni Alaoui	3c05c123ea	On invalid submission, IdpUsernamePasswordForm sends back the user to the standard UsernamePasswordForm template Signed-off-by: Réda Housni Alaoui <reda-alaoui@hey.com>	2024-01-09 16:04:52 -03:00
Alexander Schwartz	01939bcf34	Remove concurrent loading of remote sessions as at startup time only one node is up anyway. (#25709 ) Closes #22082 Signed-off-by: Alexander Schwartz <aschwart@redhat.com> Co-authored-by: Martin Kanis <martin-kanis@users.noreply.github.com>	2024-01-09 16:55:22 +01:00
Alexander Schwartz	03372d2f41	Fix OfflineServletAdapterTest failures, and improve logging (#25724 ) Closes #25714 Closes #14448 Signed-off-by: Alexander Schwartz <aschwart@redhat.com>	2024-01-09 14:59:20 +01:00
shigeyuki kabano	67e73d3d4e	Enhancing Lightweight access token M2(keycloak#25716) Closes keycloak#23724 Signed-off-by: shigeyuki kabano <shigeyuki.kabano.sj@hitachi.com>	2024-01-09 09:42:30 +01:00
Ricardo Martin	097d68c86b	Escape action in the form_post.jwt and only decode path in RedirectUtils (#93 ) (#25995 ) Closes #90 Signed-off-by: rmartinc <rmartinc@redhat.com>	2024-01-09 08:20:14 +01:00
Alexander Schwartz	0a16b64805	Stabilizing test cases by adding cleanups Closes #24651 Signed-off-by: Alexander Schwartz <aschwart@redhat.com>	2024-01-08 19:32:01 -03:00
Douglas Palmer	58d167fe59	Deleting a User or User Group might cause that all users suddenly get the permissions of the deleted user. Closes #24651 Signed-off-by: Douglas Palmer <dpalmer@redhat.com>	2024-01-08 19:32:01 -03:00
Steven Hawkins	d1d1d69840	fix: adds a general error message and descriptions for some exceptions (#25806 ) closes: #25746 Signed-off-by: Steve Hawkins <shawkins@redhat.com>	2024-01-08 18:19:40 +00:00
Felix Gustavsson	0f47071a29	Check if UMA is enabled on resource, if not reject the request. Closes #24422 Signed-off-by: Felix Gustavsson <felix.gustavsson@topgolf.com>	2024-01-08 11:28:57 -03:00
Tomas Ondrusko	e4fa5c034a	Update web element of the LinkedIn login page (#25905 ) Signed-off-by: Tomas Ondrusko <tondrusk@redhat.com>	2024-01-08 11:32:45 +01:00
Pedro Igor	d540584449	Using a valid URI when deleting cookies before/after running tests Closes #22691 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-01-05 15:13:12 -03:00
atharva kshirsagar	d7542c9344	Fix for empty realm name issue Throw ModelException if name is empty when creating/updating a realm Closes #17449 Signed-off-by: atharva kshirsagar <atharva4894@gmail.com> Signed-off-by: Alexander Schwartz <aschwart@redhat.com> Co-authored-by: Alexander Schwartz <aschwart@redhat.com>	2024-01-05 14:23:42 +01:00
Pedro Igor	8ff9e71eae	Do not allow verifying email from a different account Closes #14776 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-01-05 12:45:07 +01:00
Pedro Igor	f476a42d66	Fixing the registration_client_uri to point to a valid URI after updating a client Closes #23229 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-01-05 12:41:36 +01:00
Ben Cresitello-Dittmar	057d8a00ac	Implement Authentication Method Reference (AMR) claim from OIDC specification This implements a method for configuring authenticator reference values for Keycloak authenticator executions and a protocol mapper for populating the AMR claim in the resulting OIDC tokens. This implementation adds a default configuration item to each authenticator execution, allowing administrators to configure an authenticator reference value. Upon successful completion of an authenticator during an authentication flow, Keycloak tracks the execution ID in a user session note. The protocol mapper pulls the list of completed authenticators from the user session notes and loads the associated configurations for each authenticator execution. It then captures the list of authenticator references from these configs and sets it in the AMR claim of the resulting tokens. Closes #19190 Signed-off-by: Ben Cresitello-Dittmar <bcresitellodittmar@mitre.org>	2024-01-03 14:59:05 -03:00
Jon Koops	07f9ead128	Upgrade Welcome theme to PatternFly 5 Closes #21343 Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com> Signed-off-by: Jon Koops <jonkoops@gmail.com>	2024-01-03 14:46:01 -03:00
Steven Hawkins	667ce4be9e	enhance: supporting versioned features (#24811 ) also adding a common PropertyMapper validation method closes #24668 Co-authored-by: Václav Muzikář <vaclav@muzikari.cz> Co-authored-by: Martin Bartoš <mabartos@redhat.com>	2024-01-03 17:56:31 +01:00
Réda Housni Alaoui	5287500703	@NoCache is not considered anymore Signed-off-by: Réda Housni Alaoui <reda-alaoui@hey.com>	2024-01-02 09:06:55 -03:00
Alexander Schwartz	9e890264df	Adding a test case to check that the expiration time is set on logout tokens Closes #25753 Signed-off-by: Alexander Schwartz <aschwart@redhat.com>	2023-12-22 20:13:40 +01:00
Niko Köbler	5e623f42d4	add the exp claim to the backchannel logout token This is now, as of Dec 15th 2023, part of the OIDC Backchannel Logout spec, chapter 2.4. As of chapter 4, the logout token should have a short expiration time, preferably at most two minutes in the future. So we set the expiration to this time. resolves #25753 Signed-off-by: Niko Köbler <niko@n-k.de>	2023-12-22 20:13:40 +01:00
Pedro Igor	ceb085e7b8	Update the UPDATE_EMAIL feature to rely on the user profile configuration when rendering templates and validating the email Closes #25704 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2023-12-20 15:15:06 -03:00
rmartinc	c2e41b0eeb	Make Locale updater generate an event and use the user profile Closes #24369 Signed-off-by: rmartinc <rmartinc@redhat.com>	2023-12-20 15:26:45 +01:00
Daniel Fesenmeyer	baafb670f7	Bugfix for: Removing all group attributes no longer works with keycloak-admin-client (java) Closes #25677 Signed-off-by: Daniel Fesenmeyer <daniel.fesenmeyer@bosch.com>	2023-12-20 14:03:35 +01:00
Konstantinos Georgilakis	cf57af1d10	scope parameter in refresh flow Closes #12009 Signed-off-by: cgeorgilakis-grnet <cgeorgilakis@admin.grnet.gr>	2023-12-20 14:00:10 +01:00
mposolda	eb184a8554	More info on UserProfileContext closes #25691 Signed-off-by: mposolda <mposolda@gmail.com>	2023-12-19 13:00:31 -03:00
Pedro Igor	810ebf4efd	Migration steps for enabling user profile by default Closes #25528 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2023-12-19 10:19:45 -03:00
Joshua Sorah	d411eafc42	Ensure 'iss' is returned when 'prompt=none' and user is not authenticated, per RFC9207 Closes keycloak/keycloak#25584 Signed-off-by: Joshua Sorah <jsorah@redhat.com>	2023-12-19 10:38:05 +01:00
Ricardo Martin	2ba7a51da6	Escape action in the form_post response mode (#60 ) Closes keycloak/keycloak-private#31 Closes https://issues.redhat.com/browse/RHBK-652 Signed-off-by: rmartinc <rmartinc@redhat.com>	2023-12-18 18:10:41 -03:00
Konstantinos Georgilakis	ba8c22eaf0	Scope parameter in Oauth 2.0 token exchange Closes #21578 Signed-off-by: cgeorgilakis-grnet <cgeorgilakis@admin.grnet.gr>	2023-12-18 15:44:26 -03:00
Pedro Igor	778847a3ce	Updating theme templates to render user attributes based on the user profile configuration Closes #25149 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2023-12-18 15:35:52 -03:00
rmartinc	d841971ff4	Updating the UP configuration needs to trigger an admin event Close #23896 Signed-off-by: rmartinc <rmartinc@redhat.com>	2023-12-18 19:24:30 +01:00
Steven Hawkins	ec28b68554	fix: improve group matching (#25627 ) closes #25451 Signed-off-by: Steve Hawkins <shawkins@redhat.com>	2023-12-18 11:46:02 +01:00
mposolda	cd154cf318	User Profile: If required roles ('user') and reqired scopes are set, the required scopes have no effect closes #25475 Signed-off-by: mposolda <mposolda@gmail.com>	2023-12-18 11:32:27 +01:00
Takashi Norimatsu	59536becec	Client policies : executor for enforcing DPoP closes #25315 Signed-off-by: Takashi Norimatsu <takashi.norimatsu.ws@hitachi.com>	2023-12-18 10:45:18 +01:00
Joshua Sorah	a10149bbe9	For post logout redirect URI - Make '+' represent existing redirect URIs and merge with existing post logout redirect URIs Closes keycloak#25544 Signed-off-by: Joshua Sorah <jsorah@redhat.com>	2023-12-18 09:05:51 +01:00
Ricardo Martin	ae04b954a6	Fix for test SSSDUserProfileTest.test05MixedInternalDBUserProfile (#25570 ) Closes #25566 Signed-off-by: rmartinc <rmartinc@redhat.com>	2023-12-15 18:57:31 +00:00
Martin Bartoš	14fd61bacc	PubKeySignRegisterTest failures in WebAuthn tests Fixes #9693 Signed-off-by: Martin Bartoš <mabartos@redhat.com>	2023-12-15 14:52:05 +01:00
Erwin Rooijakkers	860978b15a	Change arg of getSubGroups to briefRepresentation Parameter name briefRepresentation should mean briefRepresentation, not full. This way callers will by default get the full representation, unless true is passed as value for briefRepresentation. Fixes #25096 Signed-off-by: Erwin Rooijakkers <erwin@rooijakkers.software>	2023-12-14 17:23:27 +01:00
Steven Hawkins	08751001db	enhance: adds truststores to the keycloak cr (#25215 ) also generally correcting the misspelling trustore closes: #24798 Signed-off-by: Steve Hawkins <shawkins@redhat.com>	2023-12-14 11:15:06 -03:00
mposolda	c81b533cf6	Update UserProfileProvider.setConfiguration. Tuning of UserProfileProvider.getConfiguration closes #25416 Signed-off-by: mposolda <mposolda@gmail.com>	2023-12-14 14:43:28 +01:00
Tomas Ondrusko	26342d829c	Update web elements of the Instagram login page Signed-off-by: Tomas Ondrusko <tondrusk@redhat.com>	2023-12-14 14:03:53 +01:00
rmartinc	c14bc6f2b0	Create terms and conditions execution when registration form is added Closes #21730 Signed-off-by: rmartinc <rmartinc@redhat.com>	2023-12-13 15:32:58 +01:00
Pedro Igor	fa79b686b6	Refactoring user profile interfaces and consolidating user representation for both admin and account context Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2023-12-13 08:27:55 +01:00
VR	1545b32a64	Revert changes related to map store in test classes in base testsuite Closes #24567 Signed-off-by: VR <vramik@redhat.com>	2023-12-12 16:16:38 +01:00
Thomas Darimont	0f5bbae75c	Add support for POST logout in Keycloak JS (#25348 ) Closes #25167 Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com> Co-authored-by: Jon Koops <jonkoops@gmail.com>	2023-12-11 14:55:48 +01:00
Pedro Igor	78ba7d4a38	Do not allow removing username and email from user profile configuration Closes #25147 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2023-12-11 08:30:28 +01:00
Ricardo Martin	f78c54fa42	Fixes for LDAP group membership and search in chunks Closes #23966	2023-12-08 17:55:17 +01:00
mposolda	90bf88c540	Introduce ProtocolMapper.getEffectiveModel to make sure values displayed in the admin console UI are 'effective' values used when processing mappers closes #24718 Signed-off-by: mposolda <mposolda@gmail.com> Co-authored-by: Jon Koops <jonkoops@gmail.com>	2023-12-08 12:26:35 +01:00
Lukas Hanusovsky	baf6186863	25208 MSSQL startup message - fix (#25378 ) Signed-off-by: Lukas Hanusovsky <lhanusov@redhat.com>	2023-12-07 16:27:16 +01:00
Vlasta Ramik	df465456b8	Map Store Removal: Remove `LockObjectsForModification` (#25323 ) Signed-off-by: vramik <vramik@redhat.com> Closes #24793	2023-12-07 12:43:43 +00:00
Pedro Igor	b1626172aa	Removing unnecessary property from auth-server-migration maven profile Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2023-12-06 15:35:29 -03:00
rmartinc	522e8d2887	Workaround to allow percent chars in getGroupByPath via PathSegment Closes #25111 Signed-off-by: rmartinc <rmartinc@redhat.com>	2023-12-06 14:22:34 -03:00
Peter Zaoral	340eb99412	Unable to use < as part of a password (admin-cli) (#24939 ) * escaped angle bracket characters in password Closes #21951 Signed-off-by: Peter Zaoral <pzaoral@redhat.com>	2023-12-06 17:27:44 +01:00
Pedro Igor	ab1173182c	Make sure realm is available from session when migrating to 23 Closes #25183 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2023-12-06 07:42:54 -03:00
rmartinc	d004e9295f	Do not allow remove a credential in account endpoint if provider marks it as not removable Closes #25220 Signed-off-by: rmartinc <rmartinc@redhat.com>	2023-12-05 17:11:57 +01:00
Vlasta Ramik	6f37fefd8d	Delete container providers from the base testsuite (#25168 ) Closes #24097 Signed-off-by: vramik <vramik@redhat.com>	2023-12-04 14:44:35 +01:00
Alfredo Moises Boullosa	0b48bef0b1	Update springboot version Signed-off-by: Alfredo Moises Boullosa <aboullos@redhat.com>	2023-12-04 11:15:51 +01:00
Michal Hajas	ec061e77ed	Remove GlobalLockProviderSpi (#25206 ) Closes #24103 Signed-off-by: Michal Hajas <mhajas@redhat.com>	2023-12-01 16:40:56 +00:00
rmartinc	31b7c9d2c3	Add UP decorator to SSSD provider Closes https://github.com/keycloak/keycloak/issues/25075 Signed-off-by: rmartinc <rmartinc@redhat.com>	2023-12-01 15:41:05 +01:00
mposolda	3fa2d155ca	Decouple factory methods from the provider methods on UserProfileProvider implementation closes #25146 Signed-off-by: mposolda <mposolda@gmail.com>	2023-12-01 10:30:57 -03:00

1 2 3 4 5 ...

6460 commits