keycloak-scim

Author	SHA1	Message	Date
Vlasta Ramik	d63c0fbd13	Decouple Identity provider mappers from RealmModel (#32251 ) * Decouple Identity provider mappers from RealmModel Closes #31731 Signed-off-by: vramik <vramik@redhat.com>	2024-08-22 12:05:19 -03:00
Steven Hawkins	d9a92f5de3	fix: expose bootstrap-admin-* options (#32241 ) * fix: expose bootstrap-admin-* options closes: #32176 Signed-off-by: Steve Hawkins <shawkins@redhat.com> * Update quarkus/config-api/src/main/java/org/keycloak/config/BootstrapAdminOptions.java Co-authored-by: Martin Bartoš <mabartos@redhat.com> Signed-off-by: Steven Hawkins <shawkins@redhat.com> --------- Signed-off-by: Steve Hawkins <shawkins@redhat.com> Signed-off-by: Steven Hawkins <shawkins@redhat.com> Co-authored-by: Martin Bartoš <mabartos@redhat.com>	2024-08-21 15:52:38 +02:00
Peter Zaoral	6ab3b98743	Temporary admin account notice logged to org.keycloak.events (#32307 ) * removed the temporary admin accounts logging from JBossLoggingEventListenerProvider Signed-off-by: Peter Zaoral <pzaoral@redhat.com>	2024-08-21 13:31:57 +00:00
Pedro Igor	c1f6d5ca64	Support for selecting an organization when requesting the organization scope Closes #31438 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-08-21 13:04:58 +02:00
Stefan Guilhen	585d179fe0	Ensure identity providers returned to the org IDP selection are IDPs not associated with any orgs. Closes #32238 Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>	2024-08-21 07:49:01 -03:00
Peter Zaoral	1b5fe5437a	Warnings for temporary admin user and service account (#31387 ) * UI banner, labels and log messages are shown when temporary admin account is used * added UI tests that check the elements' presence Signed-off-by: Peter Zaoral <pzaoral@redhat.com> Co-authored-by: Václav Muzikář <vaclav@muzikari.cz>	2024-08-21 09:30:24 +02:00
Pedro Ruivo	4675a4eda9	Deprecate UserSessionCrossDCManager Fixes #31878 Signed-off-by: Pedro Ruivo <pruivo@redhat.com>	2024-08-21 08:52:39 +02:00
Pedro Igor	e3c0b918bd	Returning a full representation when querying organizations Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-08-20 11:11:14 -03:00
Pedro Igor	4376a3c757	Add an endpoint to the organizations endpoint to return the organizations for a given user Closes #32158 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-08-20 11:11:14 -03:00
Pedro Igor	eeae50fb43	Make sure federationLink always map to the storage provider associated with federated users Closes #31670 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-08-20 11:27:22 +02:00
Stefan Guilhen	fa7c2b5da6	Address review comments Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>	2024-08-19 09:06:35 -03:00
Stefan Guilhen	f82159cf65	Rework logic to fetch IDPs for the login page so that IDPs are fetched from the provider and not filtered in code. Closes #32090 Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>	2024-08-19 09:06:35 -03:00
Pedro Igor	8e0436715c	Support for ALL and ANY organization scope values Related #31438 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-08-19 08:45:23 -03:00
mposolda	3d787727f9	Add acr scope to all clients for those migrating from older than Keycloak 18 closes #31107 Signed-off-by: mposolda <mposolda@gmail.com>	2024-08-16 12:17:43 +02:00
Václav Muzikář	cb418b0bfc	Upgrade to Quarkus 3.13.2 (#31678 ) * Upgrade to Quarkus 3.13.2 Closes #31676 Signed-off-by: Václav Muzikář <vmuzikar@redhat.com> Co-authored-by: Peter Zaoral <pzaoral@redhat.com> Co-authored-by: Martin Bartoš <mabartos@redhat.com>	2024-08-16 11:41:34 +02:00
himanshi1099	7459992e40	Realm update validation for incorrect timeout values (#32137 ) closes #31595 Signed-off-by: Himanshi Gupta <higupta@redhat.com>	2024-08-16 08:58:27 +02:00
Alexander Schwartz	80d235fffb	Handle non-existing client gracefully (#32151 ) Closes #32150 Signed-off-by: Alexander Schwartz <aschwart@redhat.com>	2024-08-15 16:08:40 +02:00
Stefan Guilhen	aeb1951aba	Replace calls to deprecated RealmModel IDP methods - use the new provider instead Closes #31254 Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>	2024-08-15 10:55:36 -03:00
Pedro Igor	96acc62c00	Support for resolving organization based on the organization scope Closes #31438 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-08-15 10:32:15 -03:00
Stian Thorgersen	310824cc2b	Remove legacy cookies Closes #16770 Signed-off-by: stianst <stianst@gmail.com> Signed-off-by: Jon Koops <jonkoops@gmail.com> Co-authored-by: Jon Koops <jonkoops@gmail.com>	2024-08-15 15:27:38 +02:00
Martin Kanis	708a6898db	Add a count method to the OrganizationMembersResource Closes #31388 Signed-off-by: Martin Kanis <mkanis@redhat.com>	2024-08-15 09:12:57 -03:00
Yoshiyuki Tabata	cb6eb187ac	Client Policy - Condition : Client - Client Attribute Closes https://github.com/keycloak/keycloak/issues/31766 Signed-off-by: Yoshiyuki Tabata <yoshiyuki.tabata.jy@hitachi.com>	2024-08-14 09:56:56 +02:00
kaustubh-rh	cf8905efe8	Fix for Client secret is visable in Admin event representation when Credentials Reset action performed for the Client. (#32067 ) * Stripping secrets for the credential representation Signed-off-by: kaustubh B <kbawanka@redhat.com>	2024-08-12 13:47:41 -03:00
Steven Hawkins	b72ddbcc45	fix: add a warning log if a deprecated admin env variable is used (#32038 ) closes: #31491 Signed-off-by: Steve Hawkins <shawkins@redhat.com>	2024-08-12 08:54:30 +02:00
rmartinc	347f595913	Add ECDH-ES encyption algorithms to the java keystore key provider Closes #32023 Signed-off-by: rmartinc <rmartinc@redhat.com>	2024-08-09 15:57:51 +02:00
Martin Kanis	da0864682a	Conditionally redirect existing users to a broker based on their credentials Closes #31006 Signed-off-by: Martin Kanis <mkanis@redhat.com>	2024-08-09 07:59:25 -03:00
rmartinc	2a06e1a6db	Add SHAKE256 hash provider for Ed448 Closes #31931 Signed-off-by: rmartinc <rmartinc@redhat.com>	2024-08-08 17:36:54 +02:00
Justin Tay	966a454548	Add ECDH-ES JWE Algorithm Provider, Add generated ECDH key provider (#23928 ) Closes #23596 Closes #23597 Signed-off-by: Justin Tay <49700559+justin-tay@users.noreply.github.com>	2024-08-08 17:29:35 +02:00
Steven Hawkins	7ce6f12fe3	fix: adds a check for duplicate users/clients to simplify cmd errors (#31583 ) also changes temp-admin-service to temp-admin closes: #31160 Signed-off-by: Steve Hawkins <shawkins@redhat.com>	2024-08-08 08:20:33 -04:00
Pedro Igor	3ab2446074	Do not return identity providers when querying the realm representation Closes #21072 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-08-07 10:06:51 -03:00
rmartinc	acbbfde4ab	Adding upgrading notes for brute force changes Closes #31960 Signed-off-by: rmartinc <rmartinc@redhat.com>	2024-08-07 14:38:30 +02:00
Pascal Knüppel	f3341390f4	Issuer id must be a URL according to specification (#30961 ) fixes #30960 Signed-off-by: Pascal Knüppel <pascal.knueppel@governikus.de> Signed-off-by: Captain-P-Goldfish <captain.p.goldfish@gmx.de>	2024-08-07 14:35:58 +02:00
Giuseppe Graziano	35c8c09b8d	OIDC dynamic client registration with response_type=none Closes #19564 Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>	2024-08-07 10:34:47 +02:00
rmartinc	8a09905e5c	Remove the attempt in brute force when the off-thread finishes Closes #31881 Signed-off-by: rmartinc <rmartinc@redhat.com>	2024-08-06 15:30:49 -03:00
Michal Hajas	50c07c6e7c	Simplify configuration for MULTI_SITE Closes #31807 Signed-off-by: Michal Hajas <mhajas@redhat.com>	2024-08-06 16:14:33 +00:00
Stefan Wiedemann	6258256c1b	Fix access token issue OID4VC (#31763 ) closes #31712 Signed-off-by: Stefan Wiedemann <wistefan@googlemail.com>	2024-08-04 11:42:40 +02:00
Ingrid Kamga	7c69c857a1	Add a media type to error responses on OID4VC endpoints Closes #31585 Signed-off-by: Ingrid Kamga <Ingrid.Kamga@adorsys.com>	2024-08-02 12:09:09 +02:00
Justin Tay	f537343545	Allow empty key use in JWKS from identity provider Closes #31823 Signed-off-by: Justin Tay <49700559+justin-tay@users.noreply.github.com>	2024-08-02 11:39:43 +02:00
rmartinc	773e309f75	Parse saml urls correctly if the bindings are different Closes #31780 Signed-off-by: rmartinc <rmartinc@redhat.com>	2024-08-02 11:34:06 +02:00
Thomas Darimont	282260dc95	Ensure issued_client_type is always added to successful token-exchange response (#31548 ) - Compute issued_token_type response parameter based on requested_token_type and client configuration - `issued_token_type` is a required response parameter as per [RFC8693 2.2.1](https://datatracker.ietf.org/doc/html/rfc8693#section-2.2.1) - Added test to ClientTokenExchangeTest that requests an access-token as requested-token-type Fixes #31548 Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>	2024-07-30 18:33:51 +02:00
Alexander Schwartz	11b19bc272	For persistent sessions, don't remove user session if there is no session in the remote store (#31756 ) Closes #31115 Signed-off-by: Alexander Schwartz <aschwart@redhat.com>	2024-07-30 17:57:09 +02:00
Pedro Igor	a79761a447	Support for blocking concurrent requests when brute force is enabled Closes #31726 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com> Signed-off-by: Douglas Palmer <dpalmer@redhat.com> Signed-off-by: mposolda <mposolda@gmail.com>	2024-07-30 10:01:48 +02:00
Martin Kanis	d91d6d18d5	Can not update organization group error when trying to create organisation from REST API Closes #31144 Signed-off-by: Martin Kanis <mkanis@redhat.com>	2024-07-29 17:39:56 +02:00
Pascal Knüppel	94784182df	Implement DPoP for all grantTypes (#29967 ) fixes #30179 fixes #30181 Signed-off-by: Pascal Knüppel <captain.p.goldfish@gmx.de> Signed-off-by: Pascal Knüppel <pascal.knueppel@governikus.de>	2024-07-29 16:30:54 +02:00
Stefan Guilhen	f45529de8c	Deprecate IDP related methods in RealmModel - delegate to the new provider Closes #31253 Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>	2024-07-29 16:02:26 +02:00
Stefan Guilhen	c16e88bcee	Make the IDPProvider via session.identityProviders() Closes #31252 Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>	2024-07-29 16:02:26 +02:00
Alexander Schwartz	6d404b86c9	Trigger clearing the user cache when the duplicate email allowed flag changes Closes #31045 Signed-off-by: Alexander Schwartz <aschwart@redhat.com>	2024-07-29 10:37:42 +02:00
Francis Pouatcha	cc78fd7ca0	Provided keycloak with a protocol mapper, that can allow to optionally add iat and nbf claims to VCs (#31620 ) closes #31581 Signed-off-by: Francis Pouatcha <francis.pouatcha@adorsys.com>	2024-07-29 09:32:48 +02:00
Pedro Igor	87c279d645	Respect the username value format when processing federated users Closes #31240 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-07-29 09:28:43 +02:00
Pedro Igor	4d8c525644	Make sure changes to user profile metadata is not stored when calling decorators (#31549 ) Closes #30476 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-07-29 09:03:21 +02:00
Pedro Igor	1f8280c71a	Allow members joining multiple organizations Closes #30747 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-07-29 09:02:36 +02:00
Giuseppe Graziano	12732333c8	Client scope assignment for client registration Closes #31062 Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>	2024-07-26 17:33:49 +02:00
Stian Thorgersen	30cd88fefe	Change default bootstrap admin service account client-id (#31649 ) Closes #31648 Signed-off-by: stianst <stianst@gmail.com>	2024-07-26 10:45:26 +00:00
vramik	649b35929e	Make sure users created through a registration link are managed members Closes #30743 Signed-off-by: vramik <vramik@redhat.com>	2024-07-25 04:30:13 -03:00
Maciej Mierzwa	97e89e2071	feature: password age in days policy Closes #30210 Signed-off-by: Maciej Mierzwa <dev.maciej.mierzwa@gmail.com>	2024-07-24 15:12:16 -03:00
Francis Pouatcha	30be268672	Enhance Verifiable Credential Signing Service Flexibility and Key Rotation(#30692 ) closes #30525 Signed-off-by: Francis Pouatcha <francis.pouatcha@adorsys.com>	2024-07-24 13:45:39 +02:00
rmartinc	5db3772d45	Remove TrustedHostClientRegistrationPolicyTest#testGithubDomain Closes #29271 Signed-off-by: rmartinc <rmartinc@redhat.com>	2024-07-23 11:33:38 +02:00
Diego Ramp	ae74d923d2	fix bad debugv({}) in favor of more tolerant debugf(%s) Closes #31368 Signed-off-by: Diego Ramp <diego.ramp@mobi.ch>	2024-07-18 10:34:32 +02:00
mposolda	3110bb8989	Missing Cache-Control header when response_type parameter is missing in login request closes #29866 Signed-off-by: mposolda <mposolda@gmail.com>	2024-07-18 10:17:52 +02:00
Pascal Knüppel	018a0802bc	Remove java.util.Date from VerifiableCredential (#30920 ) closes #30918 Signed-off-by: Pascal Knüppel <pascal.knueppel@governikus.de> Signed-off-by: Captain-P-Goldfish <captain.p.goldfish@gmx.de>	2024-07-18 09:52:02 +02:00
Captain-P-Goldfish	526286e851	Manipulate OpenID redirect-response with custom implementation Signed-off-by: Captain-P-Goldfish <captain.p.goldfish@gmx.de>	2024-07-17 17:20:18 +02:00
Martin Kanis	e5848bdcf9	Cannot set unmanagedAttributePolicy without profile attributes Closes #31153 Signed-off-by: Martin Kanis <mkanis@redhat.com>	2024-07-17 09:53:59 -03:00
Ricardo Martin	3d12c05005	Correctly moves to the next required action (#31358 ) Closes #31014 Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com> Co-authored-by: Giuseppe Graziano <g.graziano94@gmail.com> Co-authored-by: rmartinc <rmartinc@redhat.com>	2024-07-17 09:38:29 +02:00
Pascal Knüppel	8485bc38ef	Make ProofType a string instead of enum (#31000 ) fixes #30999 Signed-off-by: Pascal Knüppel <pascal.knueppel@governikus.de>	2024-07-16 11:30:38 +02:00
Martin Kanis	887db25f00	Allow auto-redirect existing users federated from organization broker when using the username Closes #30746 Signed-off-by: Martin Kanis <mkanis@redhat.com>	2024-07-15 13:48:45 -03:00
Pedro Igor	c33585a5f4	All pubic brokers are shown during authentication rather than only those associated with the current organization Closes #31246 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-07-12 17:51:39 +02:00
Douglas Palmer	9300903674	page-expired error page shown when using browser back-button on forgot-password page after invalid login attempt Closes #25440 Signed-off-by: Douglas Palmer <dpalmer@redhat.com>	2024-07-12 16:24:21 +02:00
Pascal Knüppel	4028ada2a5	Add required default-context value to VerifiableCredential (#30959 ) closes #30958 Signed-off-by: Pascal Knüppel <pascal.knueppel@governikus.de>	2024-07-11 18:25:11 +02:00
Pascal Knüppel	96234d42cf	Exchange Enum type of Format for String (#30875 ) closes #30873 Signed-off-by: Pascal Knüppel <pascal.knueppel@governikus.de>	2024-07-11 18:18:14 +02:00
Steven Hawkins	4970a9b729	fix: deprecate KEYCLOAK_ADMIN and KEYCLOAK_ADMIN_PASSWORD closes: #30658 Signed-off-by: Steve Hawkins <shawkins@redhat.com> Signed-off-by: Steven Hawkins <shawkins@redhat.com> Co-authored-by: Jon Koops <jonkoops@gmail.com>	2024-07-11 18:07:57 +02:00
Pedro Igor	0410653e71	Do not send attributes when unlocking the user Closes #31165 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-07-11 14:16:23 +02:00
rmartinc	096e335a92	Support for vault and AES and HMAC algorithms to JavaKeystoreKeyProvider Closes #30880 Closes #29755 Signed-off-by: rmartinc <rmartinc@redhat.com>	2024-07-11 12:40:45 +02:00
Pedro Igor	da6c9ab7c1	Bruteforce protector does not work when using organizations Closes #31204 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-07-11 00:26:47 +02:00
Martin Kanis	922eaa9fc8	Disable username prohibited chars validator when email as username is… (#31140 ) * Disable username prohibited chars validator when email as the username is set Closes #25339 Signed-off-by: Martin Kanis <mkanis@redhat.com> Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com> Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-07-10 09:46:24 -03:00
Pedro Igor	d475833361	Do not expose kc.org attribute in user representations Closes #31143 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-07-10 13:43:23 +02:00
rmartinc	f78a46485d	TE should create a transient session when there is no initial session in client-to-client exchange Closes #30614 Signed-off-by: rmartinc <rmartinc@redhat.com>	2024-07-08 15:44:38 -03:00
Lucy Linder	b4f7487dd3	Fix ReCAPTCHA Enterprise failing due to new properties in response The assessment response added a new field called accountDefenderAssessment. This commit adds the new property, and also ensures new properties won't be problematic next time by ignoring unknown properties on the top level object. Closes: #30917 Signed-off-by: Lucy Linder <lucy.derlin@gmail.com>	2024-07-08 16:59:47 +02:00
Thomas Darimont	c460fa7b48	Allow user to configure prompt parameter for google sign-in Closes #16750 Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>	2024-07-04 12:01:32 +02:00
Pedro Igor	f010f7df9b	Reverting removal of test assertions and keeping existing logic where only brokers the user is linked to is shown after identity-first login page Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-07-03 11:55:04 -03:00
Martin Kanis	e1b735fc41	Identity-first login flow should be followed by asking for the user credentials Closes #30339 Signed-off-by: Martin Kanis <mkanis@redhat.com>	2024-07-03 11:55:04 -03:00
Steven Hawkins	96511e55c6	startup, welcome, and cli handling of bootstrap-admin user (#30054 ) * fix: adding password and service account based bootstrap and recovery closes: #29324, #30002, #30003 Signed-off-by: Steve Hawkins <shawkins@redhat.com> * Fix tests Signed-off-by: Václav Muzikář <vmuzikar@redhat.com> --------- Signed-off-by: Steve Hawkins <shawkins@redhat.com> Signed-off-by: Václav Muzikář <vmuzikar@redhat.com> Co-authored-by: Václav Muzikář <vmuzikar@redhat.com>	2024-07-03 15:23:40 +02:00
Giuseppe Graziano	02d64d959c	Using _system client when account client is disabled for email actions Closes #17857 Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>	2024-07-03 08:43:36 +02:00
cgeorgilakis-grnet	20cedb84eb	Check refresh token flow response for offline based on refresh token request parameter Closes #30857 Signed-off-by: cgeorgilakis-grnet <cgeorgilakis@admin.grnet.gr>	2024-07-02 18:13:30 -03:00
Pedro Igor	cc2ccc87b0	Filtering organization groups when managing or processing groups Closes #30589 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-06-28 10:27:18 -03:00
Thomas Darimont	690c6051bb	Fix scope policy evaluation for client to client token exchange (#26435 ) Previously the scope from the token was not set available in the ClientModelIdentity attributes. This caused the NPE in `org.keycloak.authorization.policy.provider.clientscope.ClientScopePolicyProvider.hasClientScope`(..) when calling `identity.getAttributes().getValue("scope")`. We now pass the provided decoded AccessToken down to the ClientModelIdentity creation to allow to populate the required scope attribute. We also ensure backwards compatibility for ClientPermissionManagement API. Fixes #26435 Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>	2024-06-28 10:33:20 +02:00
Douglas Palmer	601355d517	Flaky test: org.keycloak.testsuite.oauth.TokenIntrospectionTest#testUnsupportedToken Closes #30111 Signed-off-by: Douglas Palmer <dpalmer@redhat.com>	2024-06-27 18:41:48 +02:00
mposolda	3c3f59f861	Move some server related logic from info representation classes to server codebase Signed-off-by: mposolda <mposolda@gmail.com>	2024-06-27 11:00:30 +02:00
Jon Koops	cd0dbdf264	Use the Keycloak server URL for common resources (#30823 ) Closes #30541 Signed-off-by: Jon Koops <jonkoops@gmail.com>	2024-06-26 14:52:25 +00:00
Takashi Norimatsu	b0aac487a3	VC issuance in Authz Code flow with considering scope parameter closes #29725 Signed-off-by: Takashi Norimatsu <takashi.norimatsu.ws@hitachi.com>	2024-06-24 10:53:19 +02:00
Jon Koops	df18629ffe	Use a default Java version from root POM (#29927 ) Signed-off-by: Jon Koops <jonkoops@gmail.com>	2024-06-21 14:19:31 +02:00
mposolda	6a9e60bba0	Flow steps back when changing locale or refreshing page on 'Try another way page' closes #30520 Signed-off-by: mposolda <mposolda@gmail.com>	2024-06-21 11:22:15 +02:00
rmartinc	592c2250fc	Add briefRepresentation query parameter to getUsersInRole endpoint Closes #29480 Signed-off-by: rmartinc <rmartinc@redhat.com>	2024-06-21 11:21:02 +02:00
Takashi Norimatsu	6b135ff6e7	client-jwt authentication fails on Token Introspection Endpoint closes #30599 Signed-off-by: Takashi Norimatsu <takashi.norimatsu.ws@hitachi.com>	2024-06-21 10:47:25 +02:00
Pedro Igor	a0ad680346	Adding an alias to organization and exposing them to templates Closes #30312 Closes #30313 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-06-20 14:36:14 -03:00
Jon Koops	77fb3c4dd4	Use correct host URL for Admin Console requests (#30535 ) Closes #30432 Signed-off-by: Jon Koops <jonkoops@gmail.com>	2024-06-19 15:21:53 +02:00
Francis Pouatcha	d4797e04a2	Enhance SupportedCredentialConfiguration to support optional claims object as defined in OpenID for Verifiable Credential Issuance specification (#30420 ) closes #30419 Signed-off-by: Francis Pouatcha <francis.pouatcha@adorsys.com>	2024-06-18 17:07:49 +02:00
rmartinc	38d8cf2cb3	Add UPDATE event to the client-roles condition Closes #30284 Signed-off-by: rmartinc <rmartinc@redhat.com>	2024-06-18 15:30:42 +02:00
Thibault Morin	f6fa869b12	feat(SAML): add Artifact Binding on brokering scenarios when Keycloak is SP (#29619 ) * feat: add Artifact Binding on brokering scenarios when Keycloak is SP Signed-off-by: tmorin <git@morin.io> * Adding broker test and minor improvements Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com> * Fixing IdentityProviderTest Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com> * Renaming methods related to idp initiated flows Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com> * Fixing partial_import_test.spec.ts Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com> --------- Signed-off-by: tmorin <git@morin.io> Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com> Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-06-14 08:54:49 -03:00
vramik	d355e38424	Provide a cache layer for the organization model Closes #30087 Signed-off-by: vramik <vramik@redhat.com>	2024-06-13 08:13:36 -03:00
Jon Koops	c7361ccf6e	Run the Vite dev server through the Keycloak server (#27311 ) Closes #19750 Closes #28643 Closes #30115 Signed-off-by: Jon Koops <jonkoops@gmail.com>	2024-06-12 11:55:14 +02:00

1 2 3 4 5 ...

4790 commits