libre.sh/keycloak-scim
3
0
Fork 0
Code Issues 15 Pull requests Releases Packages Activity Actions
14798 commits 4 branches 5 tags 483 MiB
Commit graph

734 commits

Author SHA1 Message Date
Martin Bartoš
0fcf5d3936 Reuse of token in TOTP is possible 
Fixes #13607
 2022-09-09 08:56:02 -03:00
vramik
869ccc82b2 Enable MapUserProvider storing username with the letter case significance 
Closes #10245
Closes #11602
 2022-09-09 11:46:11 +02:00
cgeorgilakis
07b0df8f62
View groups from account console (#7933) 
Closes #8748
 2022-09-07 11:25:31 +02:00
evtr
4469bdc0a9
RelayState max length not respected 
Fixes: #10227
 2022-09-06 22:01:14 +02:00
Christoph Leistert
cc2bb96abc Fixes #9482: A user could be assigned to a parent group if he is already assigned to a subgroup. 2022-09-06 21:31:31 +02:00
Pedro Igor
a6137b9b86 Do not empty attributes if they are not provided when user profile is enabled 
Closes #11096
 2022-09-06 12:59:05 +02:00
Martin Bartoš
e6a5f9c124 Default required action providers are still available after feature disabling 
Closes #13189
 2022-08-31 08:42:47 +02:00
Justin Stephenson
0e89f07d5a
Implement AutoCloseable in SimpleHTTP util (#11060) 
Co-authored-by: Stian Thorgersen <stianst@gmail.com>
 2022-08-29 08:09:51 +02:00
Joerg Matysiak
62790b8ce0 Allow permission configuration for username and email in user profile. 
Enhanced Account API to respect access to these attributes.

Resolves #12599
 2022-08-25 21:54:51 -03:00
Bastian
343d181a4e
KEYCLOAK-18289: use utf-8 encoding for simplehttp (#8025) 
Co-authored-by: Stian Thorgersen <stianst@gmail.com>
 2022-08-25 13:02:41 +02:00
Pedro Igor
25be07be17 Allow introspecting tokens issued during token exchange with delegation semantics 
Closes #9337
 2022-08-24 09:47:04 -03:00
Lex Cao
6b1c64a1a9
Add rememberMe to a user session representation(#13408) (#13765) 
Closes #13408
 2022-08-23 15:28:52 +02:00
David Anderson
ce1331f550
Remove bouncycastle dependency from keycloak-services (#13489) 
Closes #12857


Co-authored-by: mposolda <mposolda@gmail.com>
 2022-08-22 15:43:59 +02:00
David Anderson
865a180c00
Remove bc dependency from server-spi and server-spi-private (#13319) 
Closes #12858
 2022-07-26 11:52:16 +02:00
Douglas Palmer
c00514d659
Support for post_logout_redirect_uris in OIDC client registration (#12282) 
Closes #10135
 2022-07-25 10:57:52 +02:00
Stian Thorgersen
a251d785db
Remove text based login flows (#13249) 
* Remove text based login flows

Closes #8752

* Add display param back in case it's used by some custom authenticators
 2022-07-22 15:15:25 +02:00
Alexander Schwartz
cb81a17611 Disable Infinispan for map storage and avoid the component factory when creating a realm independent provider factory 
Provide startup time in UserSessionProvider independent of Infinispan,
cleanup code that is not necessary for the map storage as it isn't using Clustering.
Move classes to the legacy module.

Closes #12972
 2022-07-22 08:20:00 +02:00
Alexander Schwartz
d30646b1f6 Refactor object locking for UserSessions 
Closes #12717
 2022-07-19 17:47:33 -03:00
Alexander Schwartz
30b41d02b4 Move non-map-storage related classes to new package 
Closes #13081
 2022-07-15 09:46:29 -03:00
Marcelo Daniel Silva Sales
f7a80409a9
Add flow to generate secret length based on signature algorithm (#13107) 
Closes #9376
 2022-07-15 11:06:07 +02:00
Vlasta Ramik
ec853a6b83
JPA map storage: User / client session no-downtime store (#12241) 
Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>

Closes #9666
 2022-07-14 12:07:02 -03:00
Pedro Igor
5b48d72730 Upgrade Resteasy v4 
Closes #10916

Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
 2022-07-11 12:17:51 -03:00
Martin Bartoš
07ab29378b Make WebAuthn required actions enabled by default 
Closes #12723
 2022-07-11 15:32:40 +02:00
Michal Hajas
0f86427dd0 Make user->client sessions relationship consistent 
Closes #12817
 2022-07-11 08:42:28 -03:00
Alexander Schwartz
098d4dda0e
Split PublicKeyStorageProvider (#12897) 
Split PublicKeyStorageProvider

- Extract clearCache() method to separate interface and move it to the legacy module
- Make PublicKeyProvider factories environment dependent
- Simple map storage for public keys that just delegates

Resolves #12763

Co-authored-by: Martin Kanis <mkanis@redhat.com>
 2022-07-05 09:57:51 -03:00
Alexander Schwartz
4b20e90292 Move session persistence package to legacy-private module 
Also, disabling the jpa session persister when map storage is enabled.

Closes #12712
 2022-07-04 10:05:26 -03:00
Jon Koops
06d1b4faab Restore enum variant of ResourceType 
This reverts commit 3b5a578934.
 2022-06-30 12:20:51 -03:00
Alexander Schwartz
b581c203e3 Moving ClientScopeStorageProviderModel to the legacy modules 
Closes #12656
 2022-06-29 20:04:32 +02:00
Alexander Schwartz
05f8f3038f Moving GroupStorageProviderModel to the legacy modules 
Closes #12656
 2022-06-29 20:04:32 +02:00
Alexander Schwartz
692ce0cd91 Moving ClientStorageProvider to the legacy modules 
This prepares the move of CachedObject and CacheableStorageProviderModel

Closes #12531

fixup! Moving ClientStorageProvider to the legacy modules
 2022-06-29 20:04:32 +02:00
vramik
3b5a578934 Change enum ResourceType to interface with String constants 
Closes #12485
 2022-06-29 13:35:11 +02:00
Lex Cao
c3c8b9f0c8
Add client_secret to response when token_endpoint_auth_method is not private_key_jwt (#12609) 
Closes #12565
 2022-06-29 10:19:18 +02:00
Clara Fang
4643fd09e3 Replace occurrences of getParameterTypes().length and getParameters().length with getParameterCount() 
This should reduce GC pressure.

Closes #12644
 2022-06-29 08:53:09 +02:00
Konstantinos Georgilakis
ccc0449314 json device code flow error responses 
closes #11438
 2022-06-29 07:23:02 +02:00
Alexander Schwartz
4b499c869c Encapsulate MigrationModelManager in legacy module 
Closes #12214
 2022-06-28 10:53:04 +02:00
Pedro Igor
3d2c3fbc6a Support JSON objects when evaluating claims in regex policy 
Closes #11514
 2022-06-23 14:04:09 -03:00
rmartinc
711440e513 [#11036] Identity Providers: Add support for elliptic curve signatures (ES256/ES384/ES512) using JWKS URL 2022-06-21 10:52:25 -03:00
Alexander Schwartz
ae7c01b719 Moving the CacheRealmProvider interface to the legacy module 2022-06-21 08:53:06 +02:00
Alexander Schwartz
7855b93390 Moving the UserCache interface to the legacy module 
Co-Authored-By: hmlnarik@redhat.com
 2022-06-21 08:53:06 +02:00
Alexander Schwartz
84d21f0230 for all added files in the PR, update the copyright header or add it if it was missing 2022-06-21 08:53:06 +02:00
Alexander Schwartz
a109e28be7 moving some functionality around imports 2022-06-21 08:53:06 +02:00
Alexander Schwartz
f89b8c356d Moving logic to create a user from a representation to the legacy module 2022-06-21 08:53:06 +02:00
Hynek Mlnarik
e396d0daa1 Renaming SingleUserCredentialManager and UserModel.getUserCredentialManager(): 
- class SingleUserCredentialManager to SingleEntityCredentialManager
- method UserModel.getUserCredentialManager() to credentialManager()

Renaming of API without "get" prefix to make it consistent with other APIs like for example with KeycloakSession
 2022-06-21 08:53:06 +02:00
Alexander Schwartz
14a369a8cc Added LegacySessionSupport SPI 
While some methods around onCache() are still called from the legacy code, all other methods log a warning with a stacktrace.
 2022-06-21 08:53:06 +02:00
Alexander Schwartz
6f287e7ded Avoid using methods on UserCredentialStoreManager 2022-06-21 08:53:06 +02:00
Alexander Schwartz
bc8fd21dc6 SingleUserCredentialManager moving in 
- UserStorageManager now handles authentication for old Kerberos+LDAP style
- new getUserByCredential method in MapUserProvider would eventually do the same.
 2022-06-21 08:53:06 +02:00
Alexander Schwartz
82094d113e Move User Storage SPI, introduce ExportImportManager 2022-06-21 08:53:06 +02:00
Hynek Mlnarik
703e868a51 Preparation for moving User Storage SPI 
- Introduction of new AdminRealmResource SPI
- Moving handler of /realm/{realm}/user-storage into model/legacy-service
- session.users() and userStorageManager() moved refers legacy module
  IMPORTANT: Broken as UserStorageSyncManager is not yet moved
 2022-06-21 08:53:06 +02:00
Hynek Mlnarik
36f76a37ad Move realms, clients, groups, roles, clientscopes into legacy module 
- Introduces Datastore SPI for isolating data store methods
- Introduces implementation of the datastore for legacy storage
- Updates DefaultKeycloakSession to leverage Datastore SPI instead
  of direct creating of area providers by the session
 2022-06-21 08:53:06 +02:00
Michal Hajas
0719d3e49b Remove EXPIRATION fields and add expired entities filtering to all queries automatically 
Closes #12563
 2022-06-20 21:45:32 +02:00