Hynek Mlnařík
f71ab092de
File store basis
...
Fixes : #16676
---
* Enhance DefaultModelCriteria
* Fix collection
* Fix delete in CHMKeycloakTransaction
* Add HasRealmId interface
* Fix EntityFieldDelegate
* Support for realm-less entities in providers
* Support for realm-less entities in providers (events)
* File store basis
* Add support for writing
* Support running KeycloakServer with file store
* Add support for file store in model testsuite
---------
Co-authored-by: vramik <vramik@redhat.com>
2023-02-07 14:59:23 +01:00
Stian Thorgersen
4782a85166
Remove old admin console feature ( #16861 )
...
* Remove old admin console feature
Closes #16860
* Update help txt files for Quarkus tests
2023-02-07 12:59:35 +01:00
Pedro Igor
7b58783255
Allow mapping claims to user attributes when exchanging tokens
...
Closes #8833
2023-02-07 10:57:35 +01:00
Thomas Darimont
e38b7adf92
Revise blacklist password policy provider #8982
...
- Reduce false positive probability from 1% to 0.01% to avoid
rejecting to many actually good passwords.
- Make false positive rate configurable via spi config
- Revised log messages
Supported syntax variant:
`passwordBlacklist(wordlistFilename)`
Fixes #8982
Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>
2023-02-07 10:36:39 +01:00
Martin Kanis
5ba004b447
Leverage Infinispan lifespan for ExpirableEntities in HotRod storage
2023-02-07 10:01:32 +01:00
Stian Thorgersen
fc075a3d35
Remove old admin console tests ( #16859 )
...
Closes #16858
2023-02-07 08:51:36 +01:00
Bruno Oliveira da Silva
963b7fbc9d
CVE-2022-45047 - Deserialization of Untrusted Data vulnerability in org.apache.sshd:sshd-common
...
Resolves #16779
2023-02-06 16:07:37 -03:00
dependabot[bot]
d32cc7c3f9
Bump github/codeql-action from 2.1.39 to 2.2.1
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.1.39 to 2.2.1.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](https://github.com/github/codeql-action/compare/v2.1.39...v2.2.1 )
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-02-06 16:04:13 -03:00
Alexander Schwartz
48aae83891
Close prepared statement used to set the lock timeout
...
Closes #16801
2023-02-06 17:30:58 +01:00
dependabot[bot]
71d292ff70
Bump @types/node from 18.11.18 to 18.11.19 in /js ( #16867 )
...
Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node ) from 18.11.18 to 18.11.19.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases )
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node )
---
updated-dependencies:
- dependency-name: "@types/node"
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-06 15:44:10 +00:00
Denis Bernard
5db64133b8
Add Attribute to Group Mapper for SAML IDP
...
Cleansing code as PR Comment
Add test for Advanced Attribute to Group Mapper
Closes #12950
2023-02-06 10:58:48 -03:00
Pedro Igor
1a1ee78dbd
Removing tests from base group broker mapper test classes
2023-02-06 10:58:48 -03:00
dependabot[bot]
9b01bf382d
Bump aquasecurity/trivy-action from 0.8.0 to 0.9.0
...
Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action ) from 0.8.0 to 0.9.0.
- [Release notes](https://github.com/aquasecurity/trivy-action/releases )
- [Commits](9ab158e859...cff3e9a7f6
)
---
updated-dependencies:
- dependency-name: aquasecurity/trivy-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-02-03 16:32:16 -03:00
Bruno Oliveira da Silva
12cefb9950
Update to Quarkus 2.13.7.Final
...
Resolves #16755
Co-authored-by: Robert Nemeti <r.nemeti@syseleven.de>
2023-02-03 15:03:11 -03:00
mposolda
d495f29a4d
Support to run BCFIPS approved mode tests on GH actions
...
Closes #16440
2023-02-03 16:30:58 +01:00
Pedro Igor
d97b9c48c4
Make sure PBKDF2 providers are using the expect size for derived keys ( #16798 )
...
Closes #16797
2023-02-03 15:31:25 +01:00
rmartinc
f8f112d8d2
Upgrade twitter4j ( #16828 )
...
Closes https://github.com/keycloak/keycloak/issues/16731
2023-02-03 15:28:37 +01:00
mposolda
0e374c7a45
Any tests using PhantomJS failing in some linux environments
...
closes #16818
2023-02-03 15:19:57 +01:00
Stian Thorgersen
5407228375
Update js-ci.yml ( #16830 )
2023-02-03 12:47:04 +01:00
dependabot[bot]
175624103b
Bump @typescript-eslint/eslint-plugin from 5.49.0 to 5.50.0 in /js ( #16824 )
...
Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin ) from 5.49.0 to 5.50.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases )
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md )
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v5.50.0/packages/eslint-plugin )
---
updated-dependencies:
- dependency-name: "@typescript-eslint/eslint-plugin"
dependency-type: direct:development
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-03 12:05:16 +01:00
dependabot[bot]
49bd873dc7
Bump wireit from 0.9.3 to 0.9.4 in /js ( #16823 )
...
Bumps [wireit](https://github.com/google/wireit ) from 0.9.3 to 0.9.4.
- [Release notes](https://github.com/google/wireit/releases )
- [Changelog](https://github.com/google/wireit/blob/main/CHANGELOG.md )
- [Commits](https://github.com/google/wireit/compare/v0.9.3...v0.9.4 )
---
updated-dependencies:
- dependency-name: wireit
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-03 12:04:49 +01:00
dependabot[bot]
6de4ebeaa9
Bump @typescript-eslint/parser from 5.49.0 to 5.50.0 in /js ( #16825 )
...
Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser ) from 5.49.0 to 5.50.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases )
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md )
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v5.50.0/packages/parser )
---
updated-dependencies:
- dependency-name: "@typescript-eslint/parser"
dependency-type: direct:development
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-03 11:50:07 +01:00
dependabot[bot]
7819a289bd
Bump typescript from 4.9.4 to 4.9.5 in /js ( #16826 )
...
Bumps [typescript](https://github.com/Microsoft/TypeScript ) from 4.9.4 to 4.9.5.
- [Release notes](https://github.com/Microsoft/TypeScript/releases )
- [Commits](https://github.com/Microsoft/TypeScript/compare/v4.9.4...v4.9.5 )
---
updated-dependencies:
- dependency-name: typescript
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-03 11:49:41 +01:00
Jon Koops
8cb202eb29
Add JavaScript admin client to repository ( #16697 )
...
* Add JavaScript admin client to repository
* Apply review feedback
Co-authored-by: Stian Thorgersen <stian@redhat.com>
---------
Co-authored-by: Stian Thorgersen <stian@redhat.com>
2023-02-03 10:45:11 +00:00
Stian Thorgersen
0fa209c29a
WelcomeScreenTest#resourcesTest ( #16761 )
...
* Fix WelcomeScreenTest#resourcesTest
Closes #16669
* Add one more retry
2023-02-03 09:41:48 +01:00
Pedro Igor
263e86e434
Support paths without a beginning slash when setting the root path
...
Closes #16002
2023-02-02 17:41:22 +01:00
Marek Posolda
51bed81814
Fixes for OOB endpoint and KeycloakSanitizer ( #16773 )
...
(cherry picked from commit 91ac2fb9dd50808ff5c76d639594ba14a8d0d016)
2023-02-02 08:34:50 +01:00
Bruno Oliveira da Silva
c585051164
Remove duplicate references on the main pom.xml for SnakeYAML
...
Resolves #16784
2023-02-02 08:20:33 +01:00
Pedro Igor
e3c41ec3a0
Ignoring test methods from parent classes
...
Closes #15687
2023-02-01 14:58:03 -08:00
Bruno Oliveira da Silva
52f9b0df59
Snyk Workflow failing due to the usage of the same category on multiple sections
...
Resolves #16705
2023-02-01 19:11:08 -03:00
Pedro Igor
b5fb528508
Do not enable caching metrics by default and provide a guide
...
Closes #16751
2023-02-01 18:55:43 +01:00
Stian Thorgersen
d9025231f9
HTML Injection in Keycloak Admin REST API ( #16765 )
...
Resolves #GHSA-m4fv-gm5m-4725
Co-authored-by: Martin Bartoš <mabartos@redhat.com>
2023-02-01 14:34:15 +01:00
Bruno Oliveira da Silva
e3ccba3903
CVE-2022-41854/CVE-2022-38752 Snakeyaml vulnerable to Stack overflow leading to denial of service
...
Resolves #16062
2023-02-01 13:45:50 +01:00
Stian Thorgersen
ae189c5a34
Fix pom.xml conditions for workflows ( #16758 )
2023-02-01 08:57:41 +01:00
Stian Thorgersen
d81794123b
Add pom.xml files to conditional workflows ( #120 ) ( #16757 )
2023-02-01 07:59:47 +01:00
Martin Kanis
a912558d29
Add MapKeycloakTransaction.exists methods
2023-01-31 17:21:40 +01:00
Stian Thorgersen
88a249ea0d
Update conditional workflows ( #16728 )
...
* Update conditional workflows
* Second versions to make it more readable
2023-01-31 16:27:33 +01:00
Klaus Betz
20a7a5acdb
fix: consider identity provider models from third-party packages
2023-01-31 06:05:02 -08:00
Stian Thorgersen
b2d94b22e7
Temporarily always run CI and Operator workflows until conditions are fixed ( #16719 )
2023-01-31 08:57:32 +01:00
Alexander Schwartz
c6aba2e3de
Make LockAcquiringTimeoutException a RuntimeException
...
Closes #16690
2023-01-31 08:21:32 +01:00
Marek Posolda
33ff9ef17e
Fix remaining failing tests with BCFIPS approved mode ( #16699 )
...
* Fix remaining failing tests with BCFIPS approved mode
Closes #16698
2023-01-30 16:01:57 +01:00
Stian Thorgersen
c5c25345fb
Run workflows if workflow files have changed ( #16696 )
2023-01-30 13:00:54 +00:00
Stian Thorgersen
00d9fdc2b8
Introduce CODEOWNERS ( #16637 )
...
* Introduce CODEOWNERS
Closes #16636
* Add exceptions to GitHub Issues
* Update PR-CHECKLIST.md
Co-authored-by: Stan Silvert <ssilvert@redhat.com>
* Simplify CODEOWNERS by removing **, and add server/operator guides to cloud-native team
* Updates
* Added base-ui tests to ui-maintainers
---------
Co-authored-by: Stan Silvert <ssilvert@redhat.com>
2023-01-30 13:05:45 +01:00
Alexander Schwartz
7933f0489d
Align startup of Quarkus with the regular startup to ensure boostrap locks are created.
...
Also fixing an issue where DBLockGlobalLockProviderFactory held on to an old session, which lead to a closed DB connection on Quarkus.
Closes #16642
2023-01-30 12:59:40 +01:00
Martin Bartoš
eebbeb26bc
Remove invalid property from Operator properties
...
Closes #16373
2023-01-30 08:59:49 +01:00
mposolda
7f017f540e
BCFIPS approved mode: Some tests failing due the short secret for client-secret-jwt client authentication
...
Closes #16678
2023-01-30 08:40:46 +01:00
Stian Thorgersen
d2ef774788
Conditional workflows ( #16666 )
...
* Conditional workflows
Closes #16665
* Added .editorconfig to make sure there's a newline in conditions file
* Fix
* Tweak
* Tweaks
2023-01-30 08:07:10 +01:00
Erik Jan de Wit
6736f31952
fixed fine grain permissions ( #16668 )
...
fixes : #3700
2023-01-28 10:13:53 -05:00
Erik Jan de Wit
5f8ee1c49d
add fine grain access to subgroups ( #16672 )
...
fixes: https://github.com/keycloak/keycloak-ui/issues/4195
2023-01-27 14:20:26 -05:00
Martin Kanis
c4255e7301
Wrong property for events in map-storage-hot-rod on Undertow
2023-01-27 14:24:34 +01:00