keycloak-scim

Author	SHA1	Message	Date
Alexander Schwartz	6cc8d653f3	Make SessionWrapper related fields immutable that are part of the equals method The cache replace logic depends on it, as values returned by reference from a local cache must never be modified on those critical fields directly. Closes #28906 Signed-off-by: Alexander Schwartz <aschwart@redhat.com>	2024-05-13 09:59:50 +02:00
rmartinc	41b706bb6a	Initial security profile SPI to integrate default client policies Closes #27189 Signed-off-by: rmartinc <rmartinc@redhat.com>	2024-04-10 11:19:56 +02:00
Václav Muzikář	e4987f10f5	Hostname SPI v2 (#26345 ) * Hostname SPI v2 Closes: #26084 Signed-off-by: Václav Muzikář <vmuzikar@redhat.com> * Fix HostnameV2DistTest#testServerFailsToStartWithoutHostnameSpecified Signed-off-by: Václav Muzikář <vmuzikar@redhat.com> * Address review comment Signed-off-by: Václav Muzikář <vmuzikar@redhat.com> * Partially revert the previous fix Signed-off-by: Václav Muzikář <vmuzikar@redhat.com> * Do not polish values Signed-off-by: Václav Muzikář <vmuzikar@redhat.com> * Remove filtering of denied categories Signed-off-by: Václav Muzikář <vmuzikar@redhat.com> --------- Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>	2024-04-09 11:25:19 +02:00
Steven Hawkins	be32f8b1bf	fix: limit the use of Resteasy to the KeycloakSession (#28150 ) * fix: limit the use of Resteasy to the KeycloakSession contextualizes other state to the KeycloakSession close: #28152	2024-03-26 13:43:41 -04:00
Steven Hawkins	35b9d8aa49	task: remove usage of resteasy-core-spi (#27387 ) closes: #27242 Signed-off-by: Steve Hawkins <shawkins@redhat.com>	2024-03-21 15:28:34 +01:00
Václav Muzikář	4096a2657e	Supported option to specify site name for multi-site deployments Closes #26460 Signed-off-by: Václav Muzikář <vmuzikar@redhat.com> Signed-off-by: Alexander Schwartz <aschwart@redhat.com> Co-authored-by: Alexander Schwartz <aschwart@redhat.com>	2024-01-31 11:52:19 +00:00
Ricardo Martin	b58f35fb47	Revert "Enable verify profile required action by default for new realms" (#26495 ) This reverts commit `7f195acc14`. Signed-off-by: rmartinc <rmartinc@redhat.com>	2024-01-25 12:28:16 +01:00
rmartinc	7f195acc14	Enable verify profile required action by default for new realms Closes #25985 Signed-off-by: rmartinc <rmartinc@redhat.com>	2024-01-24 20:28:06 +01:00
Martin Kanis	84603a9363	Map Store Removal: Rename Legacy* classes (#26273 ) Closes #24105 Signed-off-by: Martin Kanis <mkanis@redhat.com>	2024-01-23 13:50:31 +00:00
Michal Hajas	ec061e77ed	Remove GlobalLockProviderSpi (#25206 ) Closes #24103 Signed-off-by: Michal Hajas <mhajas@redhat.com>	2023-12-01 16:40:56 +00:00
vramik	926be135e8	Remove map related modules Signed-off-by: vramik <vramik@redhat.com> Closes #24100	2023-11-13 12:34:52 +01:00
vramik	4cd34f8423	Update logging properties for showing SQL statements and JDBC parameters Closes #22815	2023-08-30 12:52:08 +02:00
Stian Thorgersen	5a411d8931	Allow setting context-path for KeycloakServer (#21590 ) Closes #21589	2023-07-11 14:24:07 +00:00
Martin Bartoš	64738ea708	Fix issues with JakartaEE Mail dependencies This reverts commit da4644844ed88818c05d777460624403326ab01c --- Quarkus3 branch sync no. 12 (31.3.2023) Resolved conflicts: keycloak/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/sessionlimits/UserSessionLimitsTest.java - Modified	2023-04-27 13:36:54 +02:00
vramik	fa3ba6331e	Remove JsonbPostgreSQL95Dialect from keycloak-server.json from testsuite utils Fixes #16336	2023-04-27 13:36:54 +02:00
Martin Bartoš	b1da7bd613	Revert Mail API --- Quarkus3 branch sync no. 13 (11.4.2023) Resolved conflicts: keycloak/quarkus/pom.xml - Modified --- Quarkus3 branch sync no. 12 (31.3.2023) Resolved conflicts: keycloak/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/sessionlimits/UserSessionLimitsTest.java - Modified	2023-04-27 13:36:54 +02:00
Martin Bartoš	7cff857238	Migrate packages from javax.* to jakarta.* --- Quarkus3 branch sync no. 14 (24.4.2023) Resolved conflicts: keycloak/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/storage/ComponentExportImportTest.java - Modified keycloak/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/DeclarativeUserTest.java - Modified keycloak/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/storage/FederatedStorageExportImportTest.java - Modified keycloak/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/authentication/FlowTest.java - Modified keycloak/services/src/main/java/org/keycloak/services/resources/admin/UserResource.java - Modified --- Quarkus3 branch sync no. 13 (11.4.2023) Resolved conflicts: keycloak/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/pages/AccountTotpPage.java - Deleted keycloak/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/storage/BackwardsCompatibilityUserStorageTest.java - Modified --- Quarkus3 branch sync no. 12 (31.3.2023) Resolved conflicts: keycloak/quarkus/runtime/src/main/java/org/keycloak/quarkus/runtime/services/resources/QuarkusWelcomeResource.java - Modified keycloak/services/src/main/java/org/keycloak/protocol/saml/profile/util/Soap.java - Modified keycloak/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/util/UserInfoClientUtil.java - Modified keycloak/services/src/main/java/org/keycloak/protocol/oidc/endpoints/UserInfoEndpoint.java - Modified keycloak/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/sessionlimits/UserSessionLimitsTest.java - Modified --- Quarkus3 branch sync no. 10 (17.3.2023) Resolved conflicts: keycloak/services/src/main/java/org/keycloak/protocol/saml/SamlProtocolUtils.java - Modified --- Quarkus3 branch sync no. 9 (10.3.2023) Resolved conflicts: keycloak/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/kerberos/AbstractKerberosSingleRealmTest.java - Modified keycloak/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/forms/LoginTest.java - Modified --- Quarkus3 branch sync no. 8 (3.3.2023) Resolved conflicts: keycloak/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/util/SamlClient.java Modified - Modified keycloak/services/src/main/java/org/keycloak/protocol/saml/SamlProtocol.java - Modified keycloak/examples/providers/authenticator/src/main/java/org/keycloak/examples/authenticator/SecretQuestionAuthenticator.java - Modified --- Quarkus3 branch sync no. 6 (17.2.2023) Resolved conflicts: keycloak/integration/admin-client/src/main/java/org/keycloak/admin/client/resource/ComponentsResource.java - Modified keycloak/testsuite/utils/src/main/java/org/keycloak/testsuite/KeycloakServer.java - Modified keycloak/services/src/main/java/org/keycloak/protocol/saml/installation/SamlSPDescriptorClientInstallation.java - Modified --- Quarkus3 branch sync no. 5 (10.2.2023) Resolved conflicts: /keycloak/services/src/main/java/org/keycloak/social/google/GoogleIdentityProvider.java Modified - Modified keycloak/services/src/main/java/org/keycloak/social/twitter/TwitterIdentityProvider.java - Modified --- Quarkus3 branch sync no. 4 (3.2.2023) Resolved conflicts: keycloak/quarkus/runtime/src/main/java/org/keycloak/quarkus/runtime/integration/jaxrs/QuarkusKeycloakApplication.java - Modified --- Quarkus3 branch sync no. 1 (18.1.2023) Resolved conflicts: keycloak/testsuite/client/ClientPoliciesTest.java - Deleted keycloak/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/client/ClientRegistrationTest.java - Modified keycloak/model/map-jpa/src/main/java/org/keycloak/models/map/storage/jpa/JpaModelCriteriaBuilder.java - Modified	2023-04-27 13:36:54 +02:00
Alexander Schwartz	513bb809f3	Add a map storage global locking implementation for JPA Closes #14734	2023-03-21 08:21:11 +01:00
Michal Hajas	465019bec4	Extract attachDevice outside of storage layer Closes #17336	2023-03-03 17:58:34 +01:00
Hynek Mlnarik	bb0eb899a7	Add ability to run arq testsuite with file store Fixes: #17032	2023-02-15 10:17:23 +01:00
Hynek Mlnařík	f71ab092de	File store basis Fixes: #16676 --- * Enhance DefaultModelCriteria * Fix collection * Fix delete in CHMKeycloakTransaction * Add HasRealmId interface * Fix EntityFieldDelegate * Support for realm-less entities in providers * Support for realm-less entities in providers (events) * File store basis * Add support for writing * Support running KeycloakServer with file store * Add support for file store in model testsuite --------- Co-authored-by: vramik <vramik@redhat.com>	2023-02-07 14:59:23 +01:00
Hynek Mlnarik	071fc03f41	Move transaction processing into session close Fixes: #15223	2023-01-05 16:12:32 +01:00
Stian Thorgersen	a5670af745	Keycloak CI workflow refactoring (#15968 ) * Keycloak CI workflow refactoring Closes #15861 * Update testsuite/integration-arquillian/tests/base/testsuites/base-suite.sh Co-authored-by: Hynek Mlnařík <hmlnarik@users.noreply.github.com> * Update testsuite/integration-arquillian/tests/base/testsuites/suite.sh Co-authored-by: Hynek Mlnařík <hmlnarik@users.noreply.github.com> * Update testsuite/integration-arquillian/tests/base/testsuites/suite.sh Co-authored-by: Hynek Mlnařík <hmlnarik@users.noreply.github.com> * Update CodeQL actions Co-authored-by: Hynek Mlnařík <hmlnarik@users.noreply.github.com>	2022-12-14 16:12:23 +01:00
Michal Hajas	6d683824a4	Deprecate DBLockProvider and replace it with new GlobalLockProvider Closes #9388	2022-11-16 16:13:25 +01:00
stianst	1de9c201c6	Refactor Profile Closes #15206	2022-11-07 07:28:11 -03:00
Martin Kanis	761929d174	Merge ActionTokenStoreProvider and SingleUseObjectProvider (#13677 ) Closes #13334	2022-10-13 09:26:44 +02:00
Alice Wood	55a660f50b	enhance group search to allow searching for groups via attribute keycloak/keycloak#12964 Co-authored-by: Abhijeet Gandhewar <agandhew@redhat.com> Co-authored-by: Michal Hajas <mhajas@redhat.com>	2022-09-19 15:19:36 +02:00
Marek Posolda	040e52cfd7	SAML javascript protocol mapper: disable uploading scripts through admin console by default (#14293 ) Closes #14292	2022-09-09 13:47:51 +02:00
Michal Hajas	f69497eb28	KEYCLOAK-12988 Deprecate getUsers* methods in favor of searchUsers* variants Closes #14018	2022-09-06 10:38:28 +02:00
Alexander Schwartz	84ac2a2ba4	Update configuration to re-enable starting KeycloakServer for map storage (#13079 )	2022-07-13 15:31:34 -03:00
Martin Kanis	4b43612806	Disable WARN logging for Hot Rod RemoteQuery class	2022-07-11 16:48:56 -03:00
Pedro Igor	5b48d72730	Upgrade Resteasy v4 Closes #10916 Co-authored-by: Alexander Schwartz <aschwart@redhat.com>	2022-07-11 12:17:51 -03:00
Alexander Schwartz	d91a5eb99f	Move methods from UserStorageUtil to LegacyRealmModel It is better suited to take methods removed from RealmModel earlier. Closes #12805	2022-07-07 09:57:17 -03:00
Alexander Schwartz	098d4dda0e	Split PublicKeyStorageProvider (#12897 ) Split PublicKeyStorageProvider - Extract clearCache() method to separate interface and move it to the legacy module - Make PublicKeyProvider factories environment dependent - Simple map storage for public keys that just delegates Resolves #12763 Co-authored-by: Martin Kanis <mkanis@redhat.com>	2022-07-05 09:57:51 -03:00
Stefan Guilhen	7d96f3ad5a	Events Map JPA implementation Closes #9667	2022-06-21 13:53:48 +02:00
Hynek Mlnarik	e396d0daa1	Renaming SingleUserCredentialManager and UserModel.getUserCredentialManager(): - class SingleUserCredentialManager to SingleEntityCredentialManager - method UserModel.getUserCredentialManager() to credentialManager() Renaming of API without "get" prefix to make it consistent with other APIs like for example with KeycloakSession	2022-06-21 08:53:06 +02:00
Alexander Schwartz	6f287e7ded	Avoid using methods on UserCredentialStoreManager	2022-06-21 08:53:06 +02:00
Alexander Schwartz	82094d113e	Move User Storage SPI, introduce ExportImportManager	2022-06-21 08:53:06 +02:00
Michal Hajas	09c0a69a8f	Add HotRod no downtime store for events Closes #9676	2022-06-02 13:30:19 +02:00
Marek Posolda	eed944292b	Make script providers working on JDK 17 (#11322 ) Closes #9945	2022-05-27 12:28:50 +02:00
Martin Kanis	0cb3c95ed5	Map storage: Single-use objects (action token)	2022-05-25 16:47:10 +02:00
vramik	24171d2e47	Rename providers from jpa-map-storage to jpa Closes #12098	2022-05-23 16:47:51 +02:00
Michal Hajas	b86f205cda	Make KeycloakServer runnable with external Infinispan server Closes #12011 Closes #12014	2022-05-16 21:50:35 +02:00
Alexander Schwartz	e2cf6ae92b	Disable caching for map storage. Also aligns the properties with the integration test suite to avoid confusion. Closes #11748	2022-04-29 12:03:18 +02:00
Pedro Igor	2cb5d8d972	Removing upload scripts feature (#11117 ) Closes #9865 Co-authored-by: Michal Hajas <mhajas@redhat.com> Co-authored-by: Michal Hajas <mhajas@redhat.com>	2022-04-20 14:25:16 +02:00
Alexander Schwartz	a6dd9dc0f1	Avoiding AvlPartitionFactory and using JdbmPartitionFactory for the embedded LDAP to work around unstable tests. Fix for #11171 didn't turn out to cover the root cause. Also improved transaction handling in LDAP Map storage. Closes #11211	2022-04-12 09:12:21 +02:00
Alexander Schwartz	5c810ad0e5	Avoid short-lived connections for ApacheDS to avoid messages around "ignoring the message MessageType UNBIND_REQUEST" The comment in LdapRequestHandler.java in ApacheDS notes just before discarding an unbind request: "in some cases the session is becoming null though the client is sending the UnbindRequest before closing". Also implementing a retry logic for all remaining errors regarding LDAP. Closes #11171	2022-04-11 10:03:15 +02:00
vramik	8ff768b33b	JPA map storage: Authentication session no-downtime store Closes #9665	2022-03-30 13:43:35 +02:00
Marek Posolda	22a16ee899	OIDC RP-Initiated logout endpoint (#10887 ) * OIDC RP-Initiated logout endpoint Closes #10885 Co-Authored-By: Marek Posolda <mposolda@gmail.com> * Review feedback Co-authored-by: Douglas Palmer <dpalmer@redhat.com>	2022-03-30 11:55:26 +02:00
Alexander Schwartz	3c3f003a38	LDAP Map storage support to support read/write for roles Closes #9929	2022-03-08 12:03:10 +01:00

1 2 3

126 commits