keycloak-scim

Author	SHA1	Message	Date
Marek Posolda	651d99db25	Allow selecting attributes from user profile when managing token mappers (#26415 ) * Allow selecting attributes from user profile when managing token mappers closes #24250 Signed-off-by: mposolda <mposolda@gmail.com> Co-authored-by: Jon Koops <jonkoops@gmail.com>	2024-01-25 17:01:02 +01:00
Erik Jan de Wit	28c9f98930	moved login screen to patternfly 5 (#25340 ) * moved login screen to patternfly 5 Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com> * added Feature flag to enable login v2 Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com> * removed the old css and only include logo and background styles Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com> * changed to experimental Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com> * added login2 Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com> * added windows help texts Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com> --------- Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>	2024-01-25 13:45:53 +01:00
Thomas Darimont	e7363905fa	Change password hashing defaults according to OWASP recommendations (#16629 ) Changes according to the latest [OWASP cheat sheet for secure Password Storage](https://cheatsheetseries.owasp.org/cheatsheets/Password_Storage_Cheat_Sheet.html#pbkdf2): - Changed default password hashing algorithm from pbkdf2-sha256 to pbkdf2-sha512 - Increased number of hash iterations for pbkdf2-sha1 from 20.000 to 1.300.000 - Increased number of hash iterations for pbkdf2-sha256 from 27.500 to 600.000 - Increased number of hash iterations for pbkdf2-sha512 from 30.000 to 210.000 - Adapt PasswordHashingTest to new defaults - The test testBenchmarkPasswordHashingConfigurations can be used to compare the different hashing configurations. - Document changes in changes document with note on performance and how to keep the old behaviour. - Log a warning at the first time when Pbkdf2PasswordHashProviderFactory is used directly Fixes #16629 Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>	2024-01-24 18:35:51 +01:00
Stian Thorgersen	656e680019	Remove unused HttpResponse.setWriteCookiesOnTransactionComplete (#26326 ) Closes #26325 Signed-off-by: stianst <stianst@gmail.com>	2024-01-20 11:31:10 +01:00
Alexander Schwartz	b9498b91cb	Deprecating the offline session preloading (#26160 ) Closes #25300 Signed-off-by: Alexander Schwartz <aschwart@redhat.com>	2024-01-16 09:29:01 +01:00
Thomas Darimont	9d429400d4	Avoid calling primitive wrapper constructors in server-spi-private (#24163 ) Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>	2024-01-11 11:54:44 +01:00
rmartinc	179ca3fa3a	Sanitize logs in JBossLoggingEventListenerProvider Closes #25078 Signed-off-by: rmartinc <rmartinc@redhat.com>	2024-01-10 16:50:27 +01:00
Réda Housni Alaoui	98230aa372	Add federated identity ProviderEvent(s) Signed-off-by: Réda Housni Alaoui <reda-alaoui@hey.com>	2024-01-10 11:56:38 -03:00
Pedro Igor	ceb085e7b8	Update the UPDATE_EMAIL feature to rely on the user profile configuration when rendering templates and validating the email Closes #25704 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2023-12-20 15:15:06 -03:00
mposolda	eb184a8554	More info on UserProfileContext closes #25691 Signed-off-by: mposolda <mposolda@gmail.com>	2023-12-19 13:00:31 -03:00
Pedro Igor	fa79b686b6	Refactoring user profile interfaces and consolidating user representation for both admin and account context Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2023-12-13 08:27:55 +01:00
Pedro Igor	c7f63d5843	Add options to change behavior on how unmanaged attributes are managed Closes #24934 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2023-11-30 06:58:21 -03:00
rmartinc	16afecd6b4	Allow automatic download of SAML certificates in the identity provider Closes https://github.com/keycloak/keycloak/issues/24424 Signed-off-by: rmartinc <rmartinc@redhat.com>	2023-11-29 18:03:31 +01:00
Pedro Igor	2c611cb8fc	User profile configuration scoped to user-federation provider closes #23878 Co-Authored-By: mposolda <mposolda@gmail.com> Signed-off-by: mposolda <mposolda@gmail.com>	2023-11-27 14:45:44 +01:00
Sebastian Schuster	030f42ec83	More efficient listing of assigned and available client role mappings Closes #23404 Signed-off-by: Sebastian Schuster <sebastian.schuster@bosch.io> Co-authored-by: Vlasta Ramik <vramik@users.noreply.github.com>	2023-11-22 14:10:11 +01:00
Thomas Darimont	d30d692335	Introduce MaxAuthAge Password policy (#12943 ) This policy allows to specify the maximum age of an authentication with which a password may be changed without re-authentication. Defaults to 300 seconds (default taken from Constants.KC_ACTION_MAX_AGE) to remain backwards compatible. A value of 0 will always require reauthentication to update the password. Add documentation for MaxAuthAgePasswordPolicy to server_admin Fixes #12943 Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>	2023-11-20 14:48:17 +01:00
vramik	42e5055cfb	Delete `SearchableModelField` and its usages Signed-off-by: vramik <vramik@redhat.com> Closes #24722	2023-11-16 18:44:49 +01:00
Réda Housni Alaoui	3f014c7299	Cannot display 'Authentication Flows' screen when a realm contains more than ~4000 clients (#21058 ) closes #21010 Signed-off-by: Réda Housni Alaoui <reda-alaoui@hey.com>	2023-11-13 19:13:01 +01:00
mposolda	6f992915d7	Move some UserProfile and Validation classes into keycloak-server-spi closes #24387	2023-10-31 12:56:46 -07:00
Alice	69497382d8	Group scalability upgrades (#22700 ) closes #22372 Co-authored-by: Erik Jan de Wit <erikjan.dewit@gmail.com> Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com> Co-authored-by: Michal Hajas <mhajas@redhat.com>	2023-10-26 16:50:45 +02:00
Hynek Mlnarik	c036980c37	Add TRANSIENT_USERS feature flag	2023-10-25 12:02:35 +02:00
Hynek Mlnarik	26328a7c1e	Support for transient sessions via lightweight users Part-of: Add support for not importing brokered user into Keycloak database Closes: #11334	2023-10-25 12:02:35 +02:00
Marek Posolda	829b7090fa	Avoid breaking change in UserSessionModel (#24134 ) closes #24096 Co-authored-by: Michal Hajas <mhajas@redhat.com>	2023-10-20 18:06:07 +02:00
Andrew	77c3e7190c	updates to method contracts and code impl to be more specific about providerAlias (#24070 ) closes #24072	2023-10-18 08:33:06 +02:00
shigeyuki kabano	6112b25648	Enhancing Light Weight Token(#22148 ) Closes #21183	2023-10-17 13:12:36 +02:00
Alice Wood	5a76ddfc2e	Remove realm model storage from OAuth2DeviceConfig class to avoid persisting old session and entity manager in infinispan fixes keycloak/keycloak#23943	2023-10-16 16:18:31 +02:00
Charley Wu	31759f9c37	WebAuthn support for native applications. Support custom FIDO2 origin validation (#23156 ) Closes #23155	2023-10-13 15:25:10 +02:00
Martin Bartoš	21a23ace1d	Mark required config properties for LDAP Mappers Closes #23685	2023-10-09 08:46:57 +02:00
Garth	2dfbbff343	added AccountResource SPI, Provider and ProviderFactory. (#22317 ) Added AccountResource SPI, Provider and ProviderFactory. updated AccountLoader to load provider(s) and check if it is compatible with the chosen theme.	2023-10-05 15:08:01 +02:00
Steve Hawkins	fb69936f14	Aligns the logic in the welcome resources as a result the quarkus one can be removed closes keycloak#23243	2023-09-28 19:33:12 -03:00
Jon Koops	47d9ae71c4	Revert the new welcome screen experience (#23446 ) This reverts commit `bcab75a7ef`.	2023-09-21 16:03:00 +00:00
Bernd Bohmann	bb2f59df87	Calling getTopLevelGroups is slow inside GroupLDAPStorageMapper#getLDAPGroupMappingsConverted (#8430 ) Closes #14820 --------- Co-authored-by: Michal Hajas <mhajas@redhat.com>	2023-09-20 17:20:43 +02:00
rmartinc	743bb696d9	Allow duplicated keys in advanced claim mappers Closes https://github.com/keycloak/keycloak/issues/22638	2023-09-19 07:49:34 -03:00
Pedro Igor	217a09ce46	Switch to Resteasy Reactive Closes #10713	2023-09-18 09:19:03 -03:00
Jon Koops	bcab75a7ef	Add new version of Welcome theme based on PatternFly 5 (#23008 )	2023-09-14 08:24:17 -04:00
stianst	211c027adb	Remove use of Guava in services Closes #23009	2023-09-07 08:59:02 +02:00
Marek Posolda	6f989fc132	Fallback to next LDAP/Kerberos provider when not able to find authenticated Kerberos principal (#22531 ) closes #22352 #9422	2023-08-29 11:21:01 +00:00
Todor Staykovski	dffa7a31cb	Add subgroups sorting (#22295 ) * Review comments to add a test, update the API description and adjust the map storage. Closes #19348 Co-authored-by: Alexander Schwartz <aschwart@redhat.com>	2023-08-07 21:18:09 +02:00
Rishabh Dixit	d73298aab6	Add getStatus() to response obj Closes #22241	2023-08-04 18:43:50 +02:00
Takashi Norimatsu	05b8b9ee51	Enhancing Pluggable Features of Token Manager closes #21182	2023-07-24 09:16:29 +02:00
Thomas Darimont	637fa741b0	Align naming of OTP policy window setting with actual semantics (#20469 ) (#21316 ) Closes #20469	2023-07-04 12:41:21 +02:00
mposolda	0ea2891eee	Remove support for OpenJDK 11 on the server side closes #15014	2023-07-03 13:12:22 -03:00
Daniele Martinoli	e2ac9487f7	Conditional login through identity provider (#20188 ) Closes #20191 Co-authored-by: Jon Koops <jonkoops@gmail.com> Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com> Co-authored-by: Marek Posolda <mposolda@gmail.com>	2023-06-29 18:44:15 +02:00
Pedro Igor	eb5edb3a9b	Support reading base32 encoded OTP secret Closes #9434 Closes #11561	2023-06-22 08:08:13 -03:00
vramik	535bba5792	Update UserQueryProvider methods Closes #20438	2023-06-12 16:04:26 +02:00
Vlasta Ramik	ed473da22b	Clean-up of deprecated methods and interfaces Fixes #20877 Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>	2023-06-09 17:11:20 +00:00
rmartinc	81aa588ddc	Fix and correlate session timeout calculations in legacy and new map implementations Closes https://github.com/keycloak/keycloak/issues/14854 Closes https://github.com/keycloak/keycloak/issues/11990	2023-06-05 18:46:23 +02:00
vramik	a175efcb72	Split `UserQueryProvider` into `UserQueryMethods` and `UserCountMethods` and make `LdapStorageProvider` implement only `UserQueryMethods` Co-authored-by: mhajas <mhajas@redhat.com> Closed #20156	2023-05-31 11:47:54 +02:00
Stefan Guilhen	2252b09949	Remove deprecated default roles methods Closes #15046	2023-05-23 22:32:52 +02:00
mkrueger92	256bb84cc4	Avoid NPE while fetching offline sessions (#17577 )	2023-05-18 13:32:02 +02:00
danielFesenmeyer	d543ba5b56	Consistent message resolving regarding language fallbacks for all themes - the prio of messages is now as follows for all themes (RL = realm localization, T = Theme i18n files): RL <variant> > T <variant> > RL <region> > T <region> > RL <language> > T <language> > RL en > T en - centralize the message resolving logic in helper methods in LocaleUtil and use it for all themes, add unit tests in LocaleUtilTest - add basic integration tests to check whether realm localization can be used in all supported contexts: - Account UI V2: org.keycloak.testsuite.ui.account2.InternationalizationTest - Login theme: LoginPageTest - Email theme: EmailTest - deprecate the param useRealmDefaultLocaleFallback=true of endpoint /admin/realms/{realm}/localization/{locale}, because it does not resolve fallbacks as expected and is no longer used in admin-ui v2 - fix locale selection in DefaultLocaleSelectorProvider that a supported region (like "de-CH") will no longer selected instead of a supported language (like "de"), when just the language is requested, add corresponding unit tests - improvements regarding message resolving in Admin UI V2: - add cypress test i18n_test.spec.ts, which checks the fallback implementation - log a warning instead of an error, when messages for some languages/namespaces cannot be loaded (the page will probably work with fallbacks in that case) Closes #15845	2023-05-17 15:00:32 +02:00
Dominik Schlosser	8c58f39a49	Updates Datastore provider to contain full data model Closes #15490	2023-05-16 15:05:10 +02:00
vramik	6c6907ef4e	Clean RealmProvider from methods from other areas Closes #15044	2023-05-02 15:09:26 +02:00
Peter Zaoral	0b4f40f89b	Quarkus3 branch sync no. 8 3.3.2023: * renamed imports from javax to jakarta as a part of the migration from JavaEE to JakartaEE Signed-off-by: Peter Zaoral <pzaoral@redhat.com>	2023-04-27 13:36:54 +02:00
Martin Bartoš	6118e5cfb7	Use JakartaEE dependencies --- Quarkus3 branch sync no. 14 (24.4.2023) Resolved conflicts: keycloak/pom.xml - Modified --- Quarkus3 branch sync no. 5 (10.2.2023) Resolved conflicts: keycloak/pom.xml - Modified	2023-04-27 13:36:54 +02:00
Martin Bartoš	7cff857238	Migrate packages from javax.* to jakarta.* --- Quarkus3 branch sync no. 14 (24.4.2023) Resolved conflicts: keycloak/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/storage/ComponentExportImportTest.java - Modified keycloak/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/DeclarativeUserTest.java - Modified keycloak/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/storage/FederatedStorageExportImportTest.java - Modified keycloak/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/authentication/FlowTest.java - Modified keycloak/services/src/main/java/org/keycloak/services/resources/admin/UserResource.java - Modified --- Quarkus3 branch sync no. 13 (11.4.2023) Resolved conflicts: keycloak/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/pages/AccountTotpPage.java - Deleted keycloak/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/storage/BackwardsCompatibilityUserStorageTest.java - Modified --- Quarkus3 branch sync no. 12 (31.3.2023) Resolved conflicts: keycloak/quarkus/runtime/src/main/java/org/keycloak/quarkus/runtime/services/resources/QuarkusWelcomeResource.java - Modified keycloak/services/src/main/java/org/keycloak/protocol/saml/profile/util/Soap.java - Modified keycloak/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/util/UserInfoClientUtil.java - Modified keycloak/services/src/main/java/org/keycloak/protocol/oidc/endpoints/UserInfoEndpoint.java - Modified keycloak/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/sessionlimits/UserSessionLimitsTest.java - Modified --- Quarkus3 branch sync no. 10 (17.3.2023) Resolved conflicts: keycloak/services/src/main/java/org/keycloak/protocol/saml/SamlProtocolUtils.java - Modified --- Quarkus3 branch sync no. 9 (10.3.2023) Resolved conflicts: keycloak/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/kerberos/AbstractKerberosSingleRealmTest.java - Modified keycloak/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/forms/LoginTest.java - Modified --- Quarkus3 branch sync no. 8 (3.3.2023) Resolved conflicts: keycloak/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/util/SamlClient.java Modified - Modified keycloak/services/src/main/java/org/keycloak/protocol/saml/SamlProtocol.java - Modified keycloak/examples/providers/authenticator/src/main/java/org/keycloak/examples/authenticator/SecretQuestionAuthenticator.java - Modified --- Quarkus3 branch sync no. 6 (17.2.2023) Resolved conflicts: keycloak/integration/admin-client/src/main/java/org/keycloak/admin/client/resource/ComponentsResource.java - Modified keycloak/testsuite/utils/src/main/java/org/keycloak/testsuite/KeycloakServer.java - Modified keycloak/services/src/main/java/org/keycloak/protocol/saml/installation/SamlSPDescriptorClientInstallation.java - Modified --- Quarkus3 branch sync no. 5 (10.2.2023) Resolved conflicts: /keycloak/services/src/main/java/org/keycloak/social/google/GoogleIdentityProvider.java Modified - Modified keycloak/services/src/main/java/org/keycloak/social/twitter/TwitterIdentityProvider.java - Modified --- Quarkus3 branch sync no. 4 (3.2.2023) Resolved conflicts: keycloak/quarkus/runtime/src/main/java/org/keycloak/quarkus/runtime/integration/jaxrs/QuarkusKeycloakApplication.java - Modified --- Quarkus3 branch sync no. 1 (18.1.2023) Resolved conflicts: keycloak/testsuite/client/ClientPoliciesTest.java - Deleted keycloak/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/client/ClientRegistrationTest.java - Modified keycloak/model/map-jpa/src/main/java/org/keycloak/models/map/storage/jpa/JpaModelCriteriaBuilder.java - Modified	2023-04-27 13:36:54 +02:00
Jon Koops	a2eb619e0e	Include Account Console version 3 as a theme (#19641 )	2023-04-13 09:41:40 -04:00
Michal Hajas	338fefe66c	Remove deprecated IS_CLIENT_ROLE field (#17654 ) Closes #17147	2023-03-21 09:31:11 +01:00
Michal Hajas	465019bec4	Extract attachDevice outside of storage layer Closes #17336	2023-03-03 17:58:34 +01:00
Jon Koops	972ebb9650	Use a valid SemVer format for the SNAPSHOT version (#17334 ) * Use a valid SemVer format for the SNAPSHOT version * Update pom.xml * Update pom.xml --------- Co-authored-by: Stian Thorgersen <stianst@gmail.com> Co-authored-by: Stian Thorgersen <stian@redhat.com>	2023-03-03 11:11:44 +01:00
Pedro Igor	fbf5541802	Remove duplicated set-cookie header from response when expiring cookies Closes #17192	2023-02-27 14:17:27 -03:00
vramik	055b7c3b16	Remove deprecated methods from `login-failure` area from `user-session` interface Closes #15053	2023-02-17 13:03:02 +01:00
Michal Hajas	1c79a5666d	Deprecate RoleModel.SearchableFields.IS_CLIENT_ROLE field Closes #17144	2023-02-16 20:50:46 +01:00
Dmitry Telegin	5f39aeb590	Pre-authorization hook for client policies Closes #9017	2023-02-08 15:06:32 +01:00
Thomas Darimont	e38b7adf92	Revise blacklist password policy provider #8982 - Reduce false positive probability from 1% to 0.01% to avoid rejecting to many actually good passwords. - Make false positive rate configurable via spi config - Revised log messages Supported syntax variant: `passwordBlacklist(wordlistFilename)` Fixes #8982 Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>	2023-02-07 10:36:39 +01:00
Klaus Betz	20a7a5acdb	fix: consider identity provider models from third-party packages	2023-01-31 06:05:02 -08:00
Marek Posolda	33ff9ef17e	Fix remaining failing tests with BCFIPS approved mode (#16699 ) * Fix remaining failing tests with BCFIPS approved mode Closes #16698	2023-01-30 16:01:57 +01:00
mposolda	ac490a666c	Fix KcSamlSignedBrokerTest in FIPS. Support for choosing realm encryption key for decrypt SAML assertions instead of realm signature key Closes #16324	2023-01-10 20:39:59 +01:00
Hynek Mlnarik	071fc03f41	Move transaction processing into session close Fixes: #15223	2023-01-05 16:12:32 +01:00
Michal Hajas	de7dd77aeb	Change id of TermsAndConditions required actions to uppercase Closes #9991	2022-12-07 10:51:37 -03:00
Pedro Igor	022d2864a6	Make sure JAX-RS resource methods are advertizing the media type they support Closes #15811 Closes #15810	2022-12-06 08:13:43 -03:00
Pedro Igor	168734b817	Removing references to request and response from Resteasy Closes #15374	2022-12-01 08:38:24 -03:00
stianst	eb17157e44	Stop adding .v2 to default theme if set in server config Closes #15392	2022-11-11 08:49:41 -03:00
Michal Hajas	883e83e625	Remove deprecated methods from data providers and models Closes #14720	2022-10-25 09:01:33 +02:00
Stefan Guilhen	acaf1724dd	Fix ComponentsTest failures with CockroachDB - Component addition/edition/removal is now executed in a retriable transaction. Closes #13209	2022-10-21 10:48:08 +02:00
Klaus Betz	76d9125c3f	feat: add DisplayIconClasses to IdentityProviderModel for third-party IDPs https://github.com/klausbetz/apple-identity-provider-keycloak/issues/10 (#14826 ) Closes #14974	2022-10-18 15:54:06 +02:00
Stian Thorgersen	31aefd1489	OTP Application SPI (#14800 ) Closes #14800	2022-10-18 14:42:35 +02:00
Stian Thorgersen	f7490b7f7c	Fix issue where admin2 was not enabled by default if account2 was disabled (#14914 ) Refactoring ThemeSelector and DefaultThemeManager to re-use the same logic for selecting default theme as there used to be two places where one had a broken implementation Closes #14889	2022-10-17 15:17:54 +02:00
danielFesenmeyer	f80a8fbed0	Avoid login failures in case of non-existing group or role references and update references in case of renaming or moving - no longer throw an exception, when a role or group cannot be found, log a warning instead - update mapper references in case of the following events: - moving a group - renaming a group - renaming a role - renaming a client's Client ID (may affect role qualifiers) - in case a role or group is removed, the reference still will not be changed - extend and refactor integration tests in order to check the new behavior Closes #11236	2022-10-13 13:23:29 +02:00
Martin Kanis	761929d174	Merge ActionTokenStoreProvider and SingleUseObjectProvider (#13677 ) Closes #13334	2022-10-13 09:26:44 +02:00
Takashi Norimatsu	148c7695ff	Pluggable Features of Token Manager Closes #12065	2022-10-07 08:43:34 +02:00
Alice Wood	1eb7e95b97	enhance existing group search functionality allow exact name search keycloak/keycloak#13973 Co-authored-by: Abhijeet Gandhewar <agandhew@redhat.com>	2022-09-30 10:37:52 +02:00
Alice Wood	55a660f50b	enhance group search to allow searching for groups via attribute keycloak/keycloak#12964 Co-authored-by: Abhijeet Gandhewar <agandhew@redhat.com> Co-authored-by: Michal Hajas <mhajas@redhat.com>	2022-09-19 15:19:36 +02:00
Alexander Schwartz	1d2d3e5ca5	Move UserFederatedStorageProvider into legacy module Closes #13627	2022-09-11 18:37:45 +02:00
Martin Bartoš	0fcf5d3936	Reuse of token in TOTP is possible Fixes #13607	2022-09-09 08:56:02 -03:00
vramik	869ccc82b2	Enable MapUserProvider storing username with the letter case significance Closes #10245 Closes #11602	2022-09-09 11:46:11 +02:00
Christoph Leistert	cc2bb96abc	Fixes #9482 : A user could be assigned to a parent group if he is already assigned to a subgroup.	2022-09-06 21:31:31 +02:00
Michal Hajas	f69497eb28	KEYCLOAK-12988 Deprecate getUsers* methods in favor of searchUsers* variants Closes #14018	2022-09-06 10:38:28 +02:00
Thomas Darimont	43623ea9d0	KEYCLOAK-18499 Add max_age support to oauth2 brokered logins Revise KcOidcBrokerPassMaxAgeTest to use setTimeOffset(...)	2022-09-01 09:24:44 -03:00
David Anderson	865a180c00	Remove bc dependency from server-spi and server-spi-private (#13319 ) Closes #12858	2022-07-26 11:52:16 +02:00
Alexander Schwartz	cb81a17611	Disable Infinispan for map storage and avoid the component factory when creating a realm independent provider factory Provide startup time in UserSessionProvider independent of Infinispan, cleanup code that is not necessary for the map storage as it isn't using Clustering. Move classes to the legacy module. Closes #12972	2022-07-22 08:20:00 +02:00
Vlasta Ramik	ec853a6b83	JPA map storage: User / client session no-downtime store (#12241 ) Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net> Closes #9666	2022-07-14 12:07:02 -03:00
Pedro Igor	5b48d72730	Upgrade Resteasy v4 Closes #10916 Co-authored-by: Alexander Schwartz <aschwart@redhat.com>	2022-07-11 12:17:51 -03:00
Michal Hajas	0f86427dd0	Make user->client sessions relationship consistent Closes #12817	2022-07-11 08:42:28 -03:00
Stefan Guilhen	007fa1f374	Single Use Objects Map JPA implementation Closes #9852	2022-07-04 10:05:51 -03:00
Alexander Schwartz	d407a37ba3	Instead of returning instances with different semantics, throw an exception. This exception points the caller to the migration guide of Keycloak 19. Closes #12556	2022-07-01 14:12:39 -03:00
Alexander Schwartz	a191d7eb3c	Moving CachedObject to the legacy modules Closes #12656	2022-06-29 20:04:32 +02:00
Alexander Schwartz	ddeab744d0	Moving RoleStorageProviderModel to the legacy modules Closes #12656	2022-06-29 20:04:32 +02:00
Alexander Schwartz	05f8f3038f	Moving GroupStorageProviderModel to the legacy modules Closes #12656	2022-06-29 20:04:32 +02:00
Alexander Schwartz	692ce0cd91	Moving ClientStorageProvider to the legacy modules This prepares the move of CachedObject and CacheableStorageProviderModel Closes #12531 fixup! Moving ClientStorageProvider to the legacy modules	2022-06-29 20:04:32 +02:00

1 2 3 4 5 ...

756 commits