Commit graph

734 commits

Author SHA1 Message Date
Alexander Schwartz
8769fed585 Fixing bug in condition
Closes #33353

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-09-30 18:35:45 -03:00
Pedro Igor
4bd29e257b Fixing tests
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2024-09-30 18:35:45 -03:00
Pedro Igor
c558bbe118 Fixing tests
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2024-09-30 18:35:45 -03:00
Alexander Schwartz
fd1f3c52d3 Further optimizations
Closes #33353

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-09-30 18:35:45 -03:00
Alexander Schwartz
5c503a55e9 Optimize caching and use of DB connections when Organisations are enabled
Closes #33353

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-09-30 18:35:45 -03:00
Michal Hajas
c682536dae Avoid duplicates when storing organization ids
Signed-off-by: Michal Hajas <mhajas@redhat.com>
2024-09-30 13:25:46 -03:00
Michal Hajas
0becdaa2a9 Do not store RealmModel in CachedOrganizationIds
Closes #33331
Co-authored-by: Pedro Ruivo <pruivo@redhat.com>

Signed-off-by: Michal Hajas <mhajas@redhat.com>
2024-09-30 13:25:46 -03:00
Alexander Schwartz
5bb23eb0fc
Optimize update of user attributes (#32907)
Closes #32906
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-09-25 16:39:42 +02:00
Stefan Guilhen
6424708695 Ensure organization id is preserved on export/import
- Also fixes issues with description, enabled, and custom attributes missing when re-importing the orgs.

Closes #33207

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
2024-09-25 16:07:44 +02:00
Christian Janker
21f90145ac Send UserRemovedEvent containing all user attributes
Invalidate CachedUserModel before UserRemovedEvent

closes #32194

Signed-off-by: Christian Janker <christian.janker@gmx.at>
2024-09-20 16:22:08 +02:00
Stefan Guilhen
3e597722a9
Add cache for IdentityProviderStorageProvider.getForLogin (#32918)
Closes #32573

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
2024-09-18 09:05:57 +02:00
Pedro Ruivo
f67bec0417 Rename remote-cache Feature
Renamed to "clusterless"

Closes #32596

Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
2024-09-13 13:03:13 +02:00
Martin Kanis
ccb166d0e9 Add caching when querying brokers by organization
Closes #32574

Signed-off-by: Martin Kanis <mkanis@redhat.com>
2024-09-09 09:24:43 -03:00
Alexander Schwartz
d9dfe74e8b
Set idle time the same as for the internal cache, but extend it for refreshes
Closes #32100

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Signed-off-by: Michal Hajas <mhajas@redhat.com>
Co-authored-by: Michal Hajas <mhajas@redhat.com>
2024-09-09 10:47:56 +02:00
Alexander Schwartz
9454c01d88
Fix parsing of broker user ID if it contains a dot (#32699)
Closes #32698

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-09-06 14:09:44 +02:00
Stefan Guilhen
557d7e87b2 Avoid iterating through all mappers when running the config event listeners
Closes #32233

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
2024-09-04 07:40:58 -03:00
Pedro Ruivo
ba861fc5d7 Remove version() projection from Ickle Queries
Closes #32590

Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
2024-09-03 18:07:32 +02:00
Pedro Ruivo
29c8060bda Trigger mass re-index of the sessions caches when the entity changes
Closes #32594

Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
2024-09-03 15:48:14 +02:00
Pedro Igor
4b5b1a4c25 Unignore backchannel logout tests
Closes #20643

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2024-09-02 08:34:21 +02:00
Pedro Ruivo
378db25016
Skip creating sessions cache when Persistent Sessions is enabled
Re-order the configuration steps to avoid redundant warnings

Closes #32416

Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
2024-08-27 16:21:08 +00:00
Stefan Guilhen
88cca10472 Rename IDPSpi to IdentityProviderStorageSpi
Closes #31639

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
2024-08-26 15:10:09 -03:00
Vlasta Ramik
d63c0fbd13
Decouple Identity provider mappers from RealmModel (#32251)
* Decouple Identity provider mappers from RealmModel

Closes #31731

Signed-off-by: vramik <vramik@redhat.com>
2024-08-22 12:05:19 -03:00
Alexander Schwartz
a7964a588b Avoid n+1 SQL selects to load sessions
Closes #32273

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-08-22 12:51:43 +02:00
vramik
14494fb148 Ensure organization aware IdentityProviderModel is used in the infinispan IDPProvider
Closes #32108

Signed-off-by: vramik <vramik@redhat.com>
2024-08-22 07:22:18 -03:00
yelhouti
e8840df0e0
Fix: admin GUI not working with 1000s of realms
Search by RealmName is done before loading all realms when filtering

Closes #31956

Signed-off-by: Youssef El Houti <youssef.elhouti@gmail.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
2024-08-21 14:58:36 +02:00
Stefan Guilhen
585d179fe0 Ensure identity providers returned to the org IDP selection are IDPs not associated with any orgs.
Closes #32238

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
2024-08-21 07:49:01 -03:00
Pedro Igor
eeae50fb43 Make sure federationLink always map to the storage provider associated with federated users
Closes #31670

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2024-08-20 11:27:22 +02:00
Stefan Guilhen
fa7c2b5da6 Address review comments
Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
2024-08-19 09:06:35 -03:00
Stefan Guilhen
f82159cf65 Rework logic to fetch IDPs for the login page so that IDPs are fetched from the provider and not filtered in code.
Closes #32090

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
2024-08-19 09:06:35 -03:00
Michal Hajas
6a9245546e Set clientId if it is not set in the entity
Closes #32195

Signed-off-by: Michal Hajas <mhajas@redhat.com>
2024-08-16 14:27:18 +02:00
Alexander Schwartz
88904c0a01
Call JPA code in blocking thread (#32154)
Closes #32153

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-08-16 10:17:30 +02:00
Stefan Guilhen
aeb1951aba Replace calls to deprecated RealmModel IDP methods
- use the new provider instead

Closes #31254

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
2024-08-15 10:55:36 -03:00
Martin Kanis
708a6898db Add a count method to the OrganizationMembersResource
Closes #31388

Signed-off-by: Martin Kanis <mkanis@redhat.com>
2024-08-15 09:12:57 -03:00
Pedro Ruivo
e13c9bf462 Retry remote cache operations with back off
Implement a retry mechanism for remote cache writes.

Fixes #32030

Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
2024-08-13 15:55:59 +02:00
vramik
4d7f25535c IDP storage provider Infinispan implementation
Closes #31251

Signed-off-by: vramik <vramik@redhat.com>
2024-08-13 08:36:15 -03:00
Pedro Ruivo
07c92c85cb Drop AuthenticatedClientSessionStore from user sessions
New entities for client and user sessions, more query friendly.
The client sessions are found using query instead of storing them in the
user session entity.
Remove of sessions by its field is done based on queries.

Closes #30934

Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
2024-08-12 20:35:50 +02:00
Alexander Schwartz
07a168cb14 Deleted authentication sessions should not be re-surrected with an update
Closes #31829

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-08-09 07:26:05 -03:00
Michal Hajas
50c07c6e7c
Simplify configuration for MULTI_SITE
Closes #31807

Signed-off-by: Michal Hajas <mhajas@redhat.com>
2024-08-06 16:14:33 +00:00
Michal Hajas
6847af0068 Remove InfinispanMultiSiteLoadBalancerCheckProviderFactory.java
Signed-off-by: Michal Hajas <mhajas@redhat.com>
2024-08-06 07:58:12 -03:00
Pedro Ruivo
1e9f6bbb8c Non clustered Keycloak with External Infinispan feature
Disables JGroups (clustering) when remote-cache feature is enabled

Fixes #31876

Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
2024-08-05 17:04:36 +02:00
Pedro Ruivo
fed804160b Enable ProtoStream encoding for External Infinispan feature
The ProtoStream schema is automatically uploaded to the Infinispan
server during startup.
When the schema is updated, the indexes are updated and re-created.
Use the delete statement to delete entities when a realm is removed.

Fixes #30931

Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
2024-08-01 16:16:19 +02:00
Alexander Schwartz
00bfc2c34f
Adding an index for the revoked tokens table to speed up the cleanup (#31790)
Closes #31725

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-08-01 11:12:53 +02:00
Ryan Emerson
8d7e18ec29 Clear local caches on split-brain heal
Closes #25837

Signed-off-by: Ryan Emerson <remerson@redhat.com>
2024-07-31 13:59:06 +02:00
Pedro Ruivo
17e30e9ec1 Persist revoke tokens with remote cache feature
Stores the revoked tokens into the database and preloads them during
startup.

Fixes #31760

Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
2024-07-31 11:02:38 +02:00
Alexander Schwartz
11b19bc272
For persistent sessions, don't remove user session if there is no session in the remote store (#31756)
Closes #31115

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-07-30 17:57:09 +02:00
Pedro Ruivo
e62604b1ec ConditionalRemover interface for External Infinispan feature
Add a ConditionalRemover interface to remove entries from a RemoteCache
based on the key or value fields.
The default implementation provided by this PR uses streaming/iteration
to test and remove entries

On a side change, moved all the transactions to the same package and
created one transaction class per entity/cache to simplify code and
avoid writing "RemoteChangeLogTransaction" with a long list of types.

Fixes #31046

Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
2024-07-30 15:16:17 +02:00
Alexander Schwartz
00d8e06f79
Optimize CPU cycles for persistent sessions (#31702)
Closes #31701

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-07-29 16:34:13 +02:00
Stefan Guilhen
f45529de8c Deprecate IDP related methods in RealmModel
- delegate to the new provider

Closes #31253

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
2024-07-29 16:02:26 +02:00
Alexander Schwartz
557cf1e60e Add a tombstone operation to optimize multiple deletes
Closes #31699

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-07-29 13:23:06 +02:00
Alexander Schwartz
6d404b86c9 Trigger clearing the user cache when the duplicate email allowed flag changes
Closes #31045

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-07-29 10:37:42 +02:00