keycloak-scim

Author	SHA1	Message	Date
rmartinc	61968bf747	Use OIDCAttributeMapperHelper.mapClaim in the GroupMembershipMapper Closes https://github.com/keycloak/keycloak/issues/19767	2023-06-08 11:12:24 -03:00
Réda Housni Alaoui	eb9bb281ec	Require user to agree to 'terms and conditions' during registration	2023-06-08 10:39:00 -03:00
Marek Posolda	8080085cc1	Removing 'http challenge' authentication flow and related authenticators (#20731 ) closes #20497 Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>	2023-06-08 14:52:34 +02:00
Saman-jafari	31db84e924	fix: issuedFor added to token to get client id into the token also redirect uri added to token and then passed to info template for "back to application" functionality test also added to check the availability of issueFor(azp) and redirect uri in Action Fixes #14860 Fixes #15136	2023-06-07 12:19:46 -03:00
Zvi Grinberg	b29ce53f6e	Fix bug in regex policy evaluation that it ignored flatted user claims that are mapped by protocol mappers to complex JSON structure in access token( in the access token JWT it's key and value is a JSON by itself) fixes: #20436 Signed-off-by: Zvi Grinberg <zgrinber@redhat.com>	2023-06-07 10:18:10 -03:00
Alice Wood	7e56938b74	Extend group search attribute functionality to account for use case where only the leaf group is required	2023-06-07 08:52:23 -03:00
ComplexSpaces	1af4a7a532	Pass webauthn signature algorithm IDs as integers instead of strings (#20832 ) closes #20831	2023-06-07 11:46:16 +02:00
Pedro Hos	9ebd94a3a8	Userinfo endpoint doesn't accept charset #20671 Closes 20671	2023-06-07 08:08:05 +02:00
Bruno Sanches	ecf4dbfb18	Check if formData is empty before putting login hint (#20733 ) closes keycloak#20732	2023-06-06 17:14:08 -04:00
Artur Baltabayev	041441f48f	Improved Reset OTP authenticator (#20572 ) * ResetOTP authenticator can now be configured, so that one or all existing OTP configurations are deleted upon reset. Closes #8753 --------- Co-authored-by: bal1imb <Artur.Baltabayev@bosch.com>	2023-06-06 08:30:44 -03:00
rmartinc	81aa588ddc	Fix and correlate session timeout calculations in legacy and new map implementations Closes https://github.com/keycloak/keycloak/issues/14854 Closes https://github.com/keycloak/keycloak/issues/11990	2023-06-05 18:46:23 +02:00
Alexander Schwartz	cd9e0be9f0	Filter first, then sort, and avoid atomics Closes #20394	2023-06-05 11:23:54 +02:00
Pedro Igor	f69ff5d270	Execution config not duplicated when duplicating flows Closes #12012	2023-06-01 16:12:06 +02:00
Erik Jan de Wit	f3c393f53e	use the "remember me" max time if set for expires (#20413 ) fixes: #9264	2023-05-31 15:25:20 -04:00
Pedro Igor	53dfb44a8f	Migration guide for JAX-RS changes (#20659 ) Closes #keycloak/keycloak#15454	2023-05-31 13:50:34 +00:00
mposolda	bf9c5821cb	Fix for certificate revalidation closes https://security.snyk.io/vuln/SNYK-JAVA-ORGKEYCLOAK-5291542	2023-05-31 15:42:37 +02:00
Takashi Norimatsu	a29c30ccd5	FAPI 2.0 security profile - not allow an authorization request whose parameters were not included in PAR request closes #20623	2023-05-31 14:02:44 +02:00
Takashi Norimatsu	6b42c2b4d0	FAPI 2.0 security profile - Reject Implicit Grant executor does not return an appropriate error Closes #20622	2023-05-30 18:24:50 +02:00
stianst	0832992e59	Removing OpenShift integration and moving to separate extension closes #20496 Co-authored-by: mposolda <mposolda@gmail.com>	2023-05-30 17:39:32 +02:00
Pedro Igor	c22972af9c	Avoid using user property mapper when resolving root user attributes Closes #20613	2023-05-29 14:30:05 +02:00
Yoshiyuki Tabata	bd37875a66	allow specifying format of "permission" parameter in the UMA grant token endpoint (#15947)	2023-05-29 08:56:39 -03:00
Jon Koops	98e5e9799b	Improve third-party storage access detection and cookie fallback	2023-05-25 22:16:59 -03:00
Douglas Palmer	1b8901f5a2	Changing the email address has no impact at username regardless "Email as username" toggle closes #20459	2023-05-25 07:54:03 -03:00
Peter Zaoral	72b238fb48	Keystore vault (#19644 ) * KeystoreVault SPI * added KeystoreVault - a Vault SPI implementation (#19281) Closes #17252 Signed-off-by: Peter Zaoral <pzaoral@redhat.com>	2023-05-24 16:20:30 +00:00
Stefan Guilhen	2252b09949	Remove deprecated default roles methods Closes #15046	2023-05-23 22:32:52 +02:00
i7a7467	e41e1a971a	SLO and ACS Binding are linked with AuthnRequest Binding in SAML Identity Broker Metadata Closes #11079	2023-05-22 10:05:17 +02:00
Artur Baltabayev	33215ab6f4	Added User-Session Note Idp mapper. (#19062 ) Closes #17659 Co-authored-by: bal1imb <Artur.Baltabayev@bosch.com> Co-authored-by: Daniel Fesenmeyer <daniel.fesenmeyer@bosch.io> Co-authored-by: Sebastian Schuster <sebastian.schuster@bosch.io>	2023-05-18 13:47:10 +02:00
mkrueger92	256bb84cc4	Avoid NPE while fetching offline sessions (#17577 )	2023-05-18 13:32:02 +02:00
Pedro Hos	c939b5b5ac	NPE when updating a subflow in an authentication flow closes #19844	2023-05-17 18:35:40 +02:00
danielFesenmeyer	d543ba5b56	Consistent message resolving regarding language fallbacks for all themes - the prio of messages is now as follows for all themes (RL = realm localization, T = Theme i18n files): RL <variant> > T <variant> > RL <region> > T <region> > RL <language> > T <language> > RL en > T en - centralize the message resolving logic in helper methods in LocaleUtil and use it for all themes, add unit tests in LocaleUtilTest - add basic integration tests to check whether realm localization can be used in all supported contexts: - Account UI V2: org.keycloak.testsuite.ui.account2.InternationalizationTest - Login theme: LoginPageTest - Email theme: EmailTest - deprecate the param useRealmDefaultLocaleFallback=true of endpoint /admin/realms/{realm}/localization/{locale}, because it does not resolve fallbacks as expected and is no longer used in admin-ui v2 - fix locale selection in DefaultLocaleSelectorProvider that a supported region (like "de-CH") will no longer selected instead of a supported language (like "de"), when just the language is requested, add corresponding unit tests - improvements regarding message resolving in Admin UI V2: - add cypress test i18n_test.spec.ts, which checks the fallback implementation - log a warning instead of an error, when messages for some languages/namespaces cannot be loaded (the page will probably work with fallbacks in that case) Closes #15845	2023-05-17 15:00:32 +02:00
Dominik Schlosser	8c58f39a49	Updates Datastore provider to contain full data model Closes #15490	2023-05-16 15:05:10 +02:00
Takashi Norimatsu	7f5e94db87	KEYCLOAK-19539 FAPI 2.0 Baseline : Reject Implicit Grant	2023-05-16 14:17:29 +02:00
Alexander Schwartz	bd7f62acc3	Use retry-logic only for the map storage This is a performance optimization that the retry doesn't affect the legacy store. Closes #20176	2023-05-15 10:20:35 +02:00
Alexander Schwartz	754aac2f4e	Avoid creating a NPE when closing This is a performance optimization and improved logging so it doesn't hide problems in the future. Closes #20176	2023-05-15 10:20:35 +02:00
Alexander Schwartz	0f481da77f	Avoid creating instances of HashMap to generate a single MapEntry This is a performance optimization. Closes #20176	2023-05-15 10:20:35 +02:00
Alexander Schwartz	93373b9398	Cache theme root URI This is a performance optimization. Closes #20176	2023-05-15 10:20:35 +02:00
Martin Bartoš	5a96efad11	Do not display error log for initial admin creation Closes #15789 Co-authored-by: Steve Weixel <steve.weixel@quantum.com>	2023-04-28 14:36:05 +02:00
Martin Bartoš	dcb7c498a4	Cannot find Generated annotation for ServicesLogger (#20021 ) Fixes #20020	2023-04-28 11:37:44 +00:00
Peter Zaoral	a020d3f6df	Quarkus3 branch sync no. 12 31.3.2023: * renamed imports from javax to jakarta as a part of the migration from JavaEE to JakartaEE Signed-off-by: Peter Zaoral <pzaoral@redhat.com>	2023-04-27 13:36:54 +02:00
Martin Bartoš	bc43e4f435	Integrate Jakarta Mail API 2.1.0	2023-04-27 13:36:54 +02:00
Peter Zaoral	0b4f40f89b	Quarkus3 branch sync no. 8 3.3.2023: * renamed imports from javax to jakarta as a part of the migration from JavaEE to JakartaEE Signed-off-by: Peter Zaoral <pzaoral@redhat.com>	2023-04-27 13:36:54 +02:00
Peter Zaoral	c2d1cade8d	Quarkus3 branch sync no. 7 27.2.2023: * renamed imports from javax to jakarta as a part of the migration from JavaEE to JakartaEE Signed-off-by: Peter Zaoral <pzaoral@redhat.com>	2023-04-27 13:36:54 +02:00
Martin Bartoš	64738ea708	Fix issues with JakartaEE Mail dependencies This reverts commit da4644844ed88818c05d777460624403326ab01c --- Quarkus3 branch sync no. 12 (31.3.2023) Resolved conflicts: keycloak/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/sessionlimits/UserSessionLimitsTest.java - Modified	2023-04-27 13:36:54 +02:00
Peter Zaoral	946eacd5b6	Quarkus3 branch sync no. 5 10.2.2023: * renamed imports from javax to jakarta as a part of the migration from JavaEE to JakartaEE * fixed Undertow server not starting due to ClassNotFoundException: javax.transaction.TransactionManager Signed-off-by: Peter Zaoral <pzaoral@redhat.com>	2023-04-27 13:36:54 +02:00
vramik	f18f356a0b	Update attribute name in `HttpRequestImpl` to jakarta. Closes #16721	2023-04-27 13:36:54 +02:00
Martin Bartoš	b1da7bd613	Revert Mail API --- Quarkus3 branch sync no. 13 (11.4.2023) Resolved conflicts: keycloak/quarkus/pom.xml - Modified --- Quarkus3 branch sync no. 12 (31.3.2023) Resolved conflicts: keycloak/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/sessionlimits/UserSessionLimitsTest.java - Modified	2023-04-27 13:36:54 +02:00
Martin Bartoš	1f126647fe	Update dependencies	2023-04-27 13:36:54 +02:00
Martin Bartoš	124591ce1a	Adapters can still use Java EE - Provided all JavaEE dependencies for adapters - Automatically build Undertow Jakarta EE for testsuite (missing SAML) --- Quarkus3 branch sync no. 11 (24.3.2023) Resolved conflicts: keycloak/adapters/oidc/spring-security/pom.xml - Modified --- Quarkus3 branch sync no. 7 (27.2.2023) Resolved conflicts: keycloak/pom.xml - Modified --- Quarkus3 branch sync no. 5 (10.2.2023) Resolved conflicts: keycloak/testsuite/integration-arquillian/servers/auth-server/services/testsuite-providers/pom.xml - Modified --- Quarkus3 branch sync no. 1 (18.1.2023) Resolved conflicts: keycloak/testsuite/integration-arquillian/tests/base/pom.xml - Modified	2023-04-27 13:36:54 +02:00
Martin Bartoš	6118e5cfb7	Use JakartaEE dependencies --- Quarkus3 branch sync no. 14 (24.4.2023) Resolved conflicts: keycloak/pom.xml - Modified --- Quarkus3 branch sync no. 5 (10.2.2023) Resolved conflicts: keycloak/pom.xml - Modified	2023-04-27 13:36:54 +02:00
Martin Bartoš	7cff857238	Migrate packages from javax.* to jakarta.* --- Quarkus3 branch sync no. 14 (24.4.2023) Resolved conflicts: keycloak/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/storage/ComponentExportImportTest.java - Modified keycloak/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/DeclarativeUserTest.java - Modified keycloak/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/storage/FederatedStorageExportImportTest.java - Modified keycloak/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/authentication/FlowTest.java - Modified keycloak/services/src/main/java/org/keycloak/services/resources/admin/UserResource.java - Modified --- Quarkus3 branch sync no. 13 (11.4.2023) Resolved conflicts: keycloak/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/pages/AccountTotpPage.java - Deleted keycloak/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/storage/BackwardsCompatibilityUserStorageTest.java - Modified --- Quarkus3 branch sync no. 12 (31.3.2023) Resolved conflicts: keycloak/quarkus/runtime/src/main/java/org/keycloak/quarkus/runtime/services/resources/QuarkusWelcomeResource.java - Modified keycloak/services/src/main/java/org/keycloak/protocol/saml/profile/util/Soap.java - Modified keycloak/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/util/UserInfoClientUtil.java - Modified keycloak/services/src/main/java/org/keycloak/protocol/oidc/endpoints/UserInfoEndpoint.java - Modified keycloak/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/sessionlimits/UserSessionLimitsTest.java - Modified --- Quarkus3 branch sync no. 10 (17.3.2023) Resolved conflicts: keycloak/services/src/main/java/org/keycloak/protocol/saml/SamlProtocolUtils.java - Modified --- Quarkus3 branch sync no. 9 (10.3.2023) Resolved conflicts: keycloak/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/kerberos/AbstractKerberosSingleRealmTest.java - Modified keycloak/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/forms/LoginTest.java - Modified --- Quarkus3 branch sync no. 8 (3.3.2023) Resolved conflicts: keycloak/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/util/SamlClient.java Modified - Modified keycloak/services/src/main/java/org/keycloak/protocol/saml/SamlProtocol.java - Modified keycloak/examples/providers/authenticator/src/main/java/org/keycloak/examples/authenticator/SecretQuestionAuthenticator.java - Modified --- Quarkus3 branch sync no. 6 (17.2.2023) Resolved conflicts: keycloak/integration/admin-client/src/main/java/org/keycloak/admin/client/resource/ComponentsResource.java - Modified keycloak/testsuite/utils/src/main/java/org/keycloak/testsuite/KeycloakServer.java - Modified keycloak/services/src/main/java/org/keycloak/protocol/saml/installation/SamlSPDescriptorClientInstallation.java - Modified --- Quarkus3 branch sync no. 5 (10.2.2023) Resolved conflicts: /keycloak/services/src/main/java/org/keycloak/social/google/GoogleIdentityProvider.java Modified - Modified keycloak/services/src/main/java/org/keycloak/social/twitter/TwitterIdentityProvider.java - Modified --- Quarkus3 branch sync no. 4 (3.2.2023) Resolved conflicts: keycloak/quarkus/runtime/src/main/java/org/keycloak/quarkus/runtime/integration/jaxrs/QuarkusKeycloakApplication.java - Modified --- Quarkus3 branch sync no. 1 (18.1.2023) Resolved conflicts: keycloak/testsuite/client/ClientPoliciesTest.java - Deleted keycloak/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/client/ClientRegistrationTest.java - Modified keycloak/model/map-jpa/src/main/java/org/keycloak/models/map/storage/jpa/JpaModelCriteriaBuilder.java - Modified	2023-04-27 13:36:54 +02:00

1 2 3 4 5 ...

4066 commits