Commit graph

24643 commits

Author SHA1 Message Date
graziang
1f57fc141c UPDATED_PASSWORD required-action triggered only when login using password
`UpdatePassword.evaluateTriggers` adds the required-action to the user by evaluating the expiration password policy. Added a check that skips the evaluation if no password used during auth flow. This check uses the value of an auth note set in the `validatePassword` method of the `AbstractUsernameFormAuthenticator`.
Manually adding UPDATED_PASSWORD required-action to the user continues to trigger the action regardless of the authentication method.

Closes #17155

Signed-off-by: graziang <g.graziano94@gmail.com>
2024-02-16 18:16:36 +01:00
Marek Posolda
c94f9f5716
Remove random redirect after password reset (#27076)
closes #20867

Signed-off-by: mposolda <mposolda@gmail.com>


Co-authored-by: Ricardo Martin <rmartinc@redhat.com>
2024-02-16 18:13:27 +01:00
Stefan Guilhen
143ccbfa15 Check if kerberos auth is enabled before creating the kerberos principal in LDAPStorageProvider
- prevents misleading warn messages from being logged

Closes #25294

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
2024-02-16 15:44:45 +01:00
Ryan Emerson
c30b9545ef
Aurora Postgres IT: Upload flaky and surefire test reports
Closes #26967

Signed-off-by: Ryan Emerson <remerson@redhat.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
2024-02-16 11:57:56 +01:00
dependabot[bot]
5cda4f0008 Bump rollup from 4.10.0 to 4.11.0 in /js
Bumps [rollup](https://github.com/rollup/rollup) from 4.10.0 to 4.11.0.
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rollup/rollup/compare/v4.10.0...v4.11.0)

---
updated-dependencies:
- dependency-name: rollup
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-02-16 11:08:44 +01:00
Alfredo Moises Boullosa
74e3b97d54 Fix realm_test in cypress (#26400)
Signed-off-by: Alfredo Moises Boullosa <aboullos@redhat.com>
2024-02-16 10:56:19 +01:00
dependabot[bot]
f496e46dbb Bump @types/node from 20.11.17 to 20.11.19 in /js
Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 20.11.17 to 20.11.19.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

---
updated-dependencies:
- dependency-name: "@types/node"
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-02-16 10:33:53 +01:00
dependabot[bot]
1884f69968 Bump rollup
Bumps [rollup](https://github.com/rollup/rollup) from 4.10.0 to 4.11.0.
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rollup/rollup/compare/v4.10.0...v4.11.0)

---
updated-dependencies:
- dependency-name: rollup
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-02-16 10:11:54 +01:00
dependabot[bot]
b360df6590 Bump vite from 5.1.2 to 5.1.3 in /js
Bumps [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) from 5.1.2 to 5.1.3.
- [Release notes](https://github.com/vitejs/vite/releases)
- [Changelog](https://github.com/vitejs/vite/blob/main/packages/vite/CHANGELOG.md)
- [Commits](https://github.com/vitejs/vite/commits/v5.1.3/packages/vite)

---
updated-dependencies:
- dependency-name: vite
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-02-16 10:11:02 +01:00
dependabot[bot]
953914992e Bump reactflow from 11.10.3 to 11.10.4 in /js
Bumps [reactflow](https://github.com/xyflow/xyflow/tree/HEAD/packages/reactflow) from 11.10.3 to 11.10.4.
- [Release notes](https://github.com/xyflow/xyflow/releases)
- [Changelog](https://github.com/xyflow/xyflow/blob/reactflow@11.10.4/packages/reactflow/CHANGELOG.md)
- [Commits](https://github.com/xyflow/xyflow/commits/reactflow@11.10.4/packages/reactflow)

---
updated-dependencies:
- dependency-name: reactflow
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-02-16 10:10:49 +01:00
Marek Posolda
d8ab12eab7
Release notes for Keycloak 24 with OIDC contributions (#27047)
closes #25729

Signed-off-by: mposolda <mposolda@gmail.com>


Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
2024-02-16 08:34:20 +01:00
Vlasta Ramik
76453550a5
User attribute value length extension
Closes #9758

Signed-off-by: vramik <vramik@redhat.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Signed-off-by: Michal Hajas <mhajas@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Michal Hajas <mhajas@redhat.com>
2024-02-16 08:09:34 +01:00
mposolda
eff6c3af78 During password reset, the baseURL is not shown on the info page after browser restart
closes #21127

Signed-off-by: mposolda <mposolda@gmail.com>
2024-02-15 18:48:53 +01:00
Václav Muzikář
738277b2c2
Upgrade to Quarkus 3.7.3 (#27037)
Closes #27036

Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>
2024-02-15 15:03:56 +01:00
Bruno Oliveira da Silva
ed6c469b6e Provide an OpenSSF security insights manifest file
Closes #27038

Co-authored-by: Stian Thorgersen <stian@redhat.com>

Signed-off-by: Bruno Oliveira da Silva <bruno@abstractj.com>
2024-02-15 11:02:33 -03:00
Steven Hawkins
b94277fd53
fix: increasing the default max-form-attribute-size (#27035)
closes: #26330

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
2024-02-15 14:21:03 +01:00
Martin Bartoš
59007844d9
Supported option to specify resource management for pods in Keycloak CR (#26661)
Closes #26456

Signed-off-by: Martin Bartoš <mabartos@redhat.com>
2024-02-15 13:38:41 +01:00
dependabot[bot]
91f02f1c00 Bump @typescript-eslint/eslint-plugin from 6.21.0 to 7.0.0 in /js
Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) from 6.21.0 to 7.0.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v7.0.0/packages/eslint-plugin)

---
updated-dependencies:
- dependency-name: "@typescript-eslint/eslint-plugin"
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-02-15 13:26:47 +01:00
dependabot[bot]
bb55d5eeda Bump chai from 5.0.3 to 5.1.0 in /js
Bumps [chai](https://github.com/chaijs/chai) from 5.0.3 to 5.1.0.
- [Release notes](https://github.com/chaijs/chai/releases)
- [Changelog](https://github.com/chaijs/chai/blob/main/History.md)
- [Commits](https://github.com/chaijs/chai/compare/v5.0.3...v5.1.0)

---
updated-dependencies:
- dependency-name: chai
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-02-15 13:14:06 +01:00
dependabot[bot]
f2a8dde95f Bump vite from 5.1.1 to 5.1.2 in /js
Bumps [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) from 5.1.1 to 5.1.2.
- [Release notes](https://github.com/vitejs/vite/releases)
- [Changelog](https://github.com/vitejs/vite/blob/main/packages/vite/CHANGELOG.md)
- [Commits](https://github.com/vitejs/vite/commits/v5.1.2/packages/vite)

---
updated-dependencies:
- dependency-name: vite
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-02-15 12:42:37 +01:00
Michal Hajas
f7f7f1bd10 Add caching for subGroupsCount
Closes #25731

Signed-off-by: Michal Hajas <mhajas@redhat.com>
2024-02-15 19:46:04 +09:00
Michal Hajas
e55ba5dcdc Make sure pagination is used even when first is null for getGroups endpoint
Closes #25731

Signed-off-by: Michal Hajas <mhajas@redhat.com>
2024-02-15 19:46:04 +09:00
mposolda
b4d289c562 Fixing UriValidator
closes #26792

Signed-off-by: mposolda <mposolda@gmail.com>
2024-02-15 10:30:39 +01:00
rmartinc
4ff4c3f897 Increase internal algorithm security using HS512 and 128 byte hmac keys
Closes #13080

Signed-off-by: rmartinc <rmartinc@redhat.com>
2024-02-15 08:16:45 +01:00
Marek Posolda
16fca0118e
User profile - release notes and more migration instructions (#27003)
closes #26917
closes #26932

Signed-off-by: mposolda <mposolda@gmail.com>


Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>
Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
2024-02-15 08:14:16 +01:00
Marek Posolda
e2fb8406a3
Fixing the docs about default hashing iterations (#27020)
closes #26816

Signed-off-by: mposolda <mposolda@gmail.com>


Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
2024-02-15 08:11:44 +01:00
Steven Hawkins
df38081fe8
fix: add an info message, and converts info to debug on non-pem files (#26939)
* fix: add an info message, and converts info to debug on non-pem files

closes: #26929

Signed-off-by: Steve Hawkins <shawkins@redhat.com>

* Update services/src/main/java/org/keycloak/truststore/TruststoreBuilder.java

Co-authored-by: Václav Muzikář <vaclav@muzikari.cz>

---------

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
Co-authored-by: Václav Muzikář <vaclav@muzikari.cz>
2024-02-14 19:55:53 +01:00
Martin Bartoš
531b386c97
Do not print executed commands in loop when checking deployments (#26872)
Signed-off-by: Martin Bartoš <mabartos@redhat.com>
2024-02-14 19:41:50 +01:00
rmartinc
bc82929e3a Cors modifications for UserInfo endpoint
Closes #26782

Signed-off-by: rmartinc <rmartinc@redhat.com>
2024-02-14 18:24:06 +01:00
Ryan Emerson
67f6f2f657
Add Multi-AZ Aurora DB to CI store-integration-tests
Closes #26730

Signed-off-by: Ryan Emerson <remerson@redhat.com>
2024-02-14 16:51:08 +01:00
stianst
9f1da8dbf2 Add checkbox for regression to bug issue template
Signed-off-by: stianst <stianst@gmail.com>
2024-02-14 10:32:45 -03:00
Hynek Mlnarik
2914c5821d Add signing-in tests
Fixes: #21245
Signed-off-by: Hynek Mlnarik <hmlnarik@redhat.com>
2024-02-14 14:28:13 +01:00
Erik Jan de Wit
ba91f2aacc
refresh the when we need to refresh (#27028)
fixes: #27002

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
2024-02-14 13:19:52 +00:00
dependabot[bot]
f7a594acb6 Bump husky from 9.0.10 to 9.0.11 in /js
Bumps [husky](https://github.com/typicode/husky) from 9.0.10 to 9.0.11.
- [Release notes](https://github.com/typicode/husky/releases)
- [Commits](https://github.com/typicode/husky/compare/v9.0.10...v9.0.11)

---
updated-dependencies:
- dependency-name: husky
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-02-14 09:54:37 +01:00
vibrown
161d03efd2 Added SPIs for ClientType and ClientTypeManager
Grabbed the SPIs for ClientType and ClientTypeManager from Marek's Client Type prototype.

Closes #26431

Signed-off-by: vibrown <vibrown@redhat.com>

Cleaned up TODOs

Signed-off-by: vibrown <vibrown@redhat.com>

Added isSupported methods

Signed-off-by: vibrown <vibrown@redhat.com>
2024-02-13 19:26:19 +01:00
rmartinc
bb12f3fb82 Do not require non-builtin attributes for service accounts
Closes #26716

Signed-off-by: rmartinc <rmartinc@redhat.com>
2024-02-13 17:42:59 +01:00
Steven Hawkins
6bbf8358b4
task: addressing build warnings (#26877)
Signed-off-by: Steve Hawkins <shawkins@redhat.com>
2024-02-13 17:04:43 +01:00
Steven Hawkins
3a04acab51
fix: adds pfx as a recognized extension (#26876)
closes #24661

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
2024-02-13 15:38:12 +01:00
Stian Thorgersen
5a2b145e4e
Add team/cross-dc to teams.yml 2024-02-13 15:08:42 +01:00
Joshua Sorah
b81233a4af
[docs] Align OAuth 2.0 Security Best Current Practice links (#24706)
Closes keycloak/keycloak#24705

Signed-off-by: Joshua Sorah <jsorah@gmail.com>
2024-02-13 13:53:56 +01:00
Erik Jan de Wit
5242f5fcb6
pf5 refactor client scope (#26734)
* use ui-shared controls

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* add `hasNoPaddingTop` to Switch Label

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* use ui-shared controls

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* fixed tests

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

---------

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
2024-02-13 07:53:38 -05:00
Erik Jan de Wit
ab41f270fc
updated otp screen to patternfly 5 (#26528)
Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
2024-02-13 07:51:43 -05:00
Erik Jan de Wit
56b0f9ec03
added patternfly 5 update password (#26580)
Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
2024-02-13 07:51:19 -05:00
Alexander Schwartz
a206fb8268
Use the appropriate database dialect to add quotes to the schema name (#26979)
Closes #25961

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-02-13 13:10:47 +01:00
Alexander Schwartz
c7b51fc7f0
Use the appropriate database dialect to add quotes to the schema name (#26964)
Closes #25961

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-02-13 13:09:55 +01:00
Stian Thorgersen
59710e654c
Remove team/store (#26987) 2024-02-13 12:43:06 +01:00
Stian Thorgersen
23d5f2188d
Run adapters in a separate job on GitHub Actions (#26962)
Closes #25892

Signed-off-by: stianst <stianst@gmail.com>
2024-02-13 12:38:58 +01:00
Stian Thorgersen
03d1363dfb
Remove team/core from teams.yml 2024-02-13 11:56:04 +01:00
Hynek Mlnarik
18ad2c8b30 Add account console group test
Fixes: #21250

Signed-off-by: Hynek Mlnarik <hmlnarik@redhat.com>
2024-02-13 11:39:57 +01:00
Michal Hajas
83f3e91e4f
Use http-pool-max-threads in HA guides
Closes #26849

Signed-off-by: Michal Hajas <mhajas@redhat.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
2024-02-13 10:01:59 +00:00