libre.sh/keycloak-scim
2
0
Fork 0
Code Issues 14 Pull requests Releases Packages Activity Actions 6
23769 commits 4 branches 5 tags 480 MiB
Commit graph

2222 commits

Author SHA1 Message Date
Alexander Schwartz
b9498b91cb
Deprecating the offline session preloading (#26160) 
Closes #25300

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2024-01-16 09:29:01 +01:00
Alexander Schwartz
a8eca6add0
Changing to the Infinispan BOM to avoid mis-aligned Infinispan dependencies (#26137) 
Closes #22922

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
Co-authored-by: Pedro Ruivo <pruivo@redhat.com>
 2024-01-15 09:20:47 +01:00
mposolda
692aeee17d Enable user profile by default 
closes #25151

Signed-off-by: mposolda <mposolda@gmail.com>
 2024-01-11 12:48:44 -03:00
Réda Housni Alaoui
98230aa372 Add federated identity ProviderEvent(s) 
Signed-off-by: Réda Housni Alaoui <reda-alaoui@hey.com>
 2024-01-10 11:56:38 -03:00
Alexander Schwartz
01939bcf34
Remove concurrent loading of remote sessions as at startup time only one node is up anyway. (#25709) 
Closes #22082

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Martin Kanis <martin-kanis@users.noreply.github.com>
 2024-01-09 16:55:22 +01:00
atharva kshirsagar
d7542c9344 Fix for empty realm name issue 
Throw ModelException if name is empty when creating/updating a realm

Closes #17449

Signed-off-by: atharva kshirsagar <atharva4894@gmail.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
 2024-01-05 14:23:42 +01:00
Réda Housni Alaoui
5287500703 @NoCache is not considered anymore 
Signed-off-by: Réda Housni Alaoui <reda-alaoui@hey.com>
 2024-01-02 09:06:55 -03:00
Pedro Igor
810ebf4efd Migration steps for enabling user profile by default 
Closes #25528

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2023-12-19 10:19:45 -03:00
Alexander Schwartz
9e4fc3f491 Keep workaround permanently for concurrent shutdowns of embedded Infinispan 
Closes #9871

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2023-12-15 10:58:22 +01:00
Alexander Schwartz
e01827693a Avoid shutdown of Infinispan when using cache 
Closes #24508

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2023-12-13 15:46:37 +01:00
Alexander Schwartz
a8cff72ed0
Avoid logged warning about objects not present in the cache for tasks (#25324) 
Closes #25322

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2023-12-08 13:10:14 +01:00
Alexander Schwartz
5b1b3ca11b
Allow concurrent remote cache operations (#25390) 
Closes #25388

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2023-12-08 10:07:25 +01:00
Pedro Igor
ab1173182c Make sure realm is available from session when migrating to 23 
Closes #25183

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2023-12-06 07:42:54 -03:00
Alexander Schwartz
e4be3ed244
Prevent client cache stampede after invalidation of a client or on startup (#25217) 
Closes #24202

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2023-12-05 16:01:37 +01:00
Michal Hajas
ec061e77ed
Remove GlobalLockProviderSpi (#25206) 
Closes #24103

Signed-off-by: Michal Hajas <mhajas@redhat.com>
 2023-12-01 16:40:56 +00:00
vramik
587cef7de4 Delete Profile.Feature.MAP_STORAGE 
Signed-off-by: vramik <vramik@redhat.com>

Closes #24102
 2023-11-30 13:04:39 +01:00
rmartinc
16afecd6b4 Allow automatic download of SAML certificates in the identity provider 
Closes https://github.com/keycloak/keycloak/issues/24424

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2023-11-29 18:03:31 +01:00
Michal Hajas
2b2207af93
Publish information about Infinispan availability in lb-check if MULTI_SITE is enabled 
Closes #25077

Signed-off-by: Michal Hajas <mhajas@redhat.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Pedro Ruivo <pruivo@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
 2023-11-29 11:06:41 +00:00
Pedro Igor
2c611cb8fc User profile configuration scoped to user-federation provider 
closes #23878

Co-Authored-By: mposolda <mposolda@gmail.com>

Signed-off-by: mposolda <mposolda@gmail.com>
 2023-11-27 14:45:44 +01:00
Sebastian Schuster
030f42ec83
More efficient listing of assigned and available client role mappings 
Closes #23404

Signed-off-by: Sebastian Schuster <sebastian.schuster@bosch.io>
Co-authored-by: Vlasta Ramik <vramik@users.noreply.github.com>
 2023-11-22 14:10:11 +01:00
Alexander Schwartz
a45934a762 Disable cache store and load only if a remote store is used 
Closes #10803
Closes #24766

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: daviddelannoy <16318239+daviddelannoy@users.noreply.github.com>
 2023-11-20 18:50:02 +01:00
Douglas Palmer
f9665acc29 KeycloakErrorHandler NullPointerException String.toLowerCase() because message is null 
Closes #22958
Signed-off-by: Douglas Palmer <dpalmer@redhat.com>
 2023-11-16 18:06:33 +01:00
Réda Housni Alaoui
3f014c7299
Cannot display 'Authentication Flows' screen when a realm contains more than ~4000 clients (#21058) 
closes #21010 

Signed-off-by: Réda Housni Alaoui <reda-alaoui@hey.com>
 2023-11-13 19:13:01 +01:00
vramik
926be135e8 Remove map related modules 
Signed-off-by: vramik <vramik@redhat.com>

Closes #24100
 2023-11-13 12:34:52 +01:00
Alexander Schwartz
26e2fde115
Avoid reseting cachemanger to null to avoid a re-initialization (#24086) 
Also follow best practices of using volatile variables for double-locking, and not using shutdown caches.

Closes #24085
 2023-11-08 11:33:44 -05:00
vramik
6fa26d7ff4 Delete map dependencies from dependency management 
Closes #24101
 2023-11-08 13:53:17 +01:00
vramik
593c14cd26 Data too long for column 'DETAILS_JSON' 
Closes #17258
 2023-11-02 20:29:35 +01:00
rokkiter
e1735138cb
clean util * (#24174) 
Signed-off-by: rokkiter <yongen.pan@daocloud.io>
 2023-11-01 17:14:11 +01:00
ashwingroot
dee1cec290 fix to preload offline sessions faster 
slow loading offline tokens during start up leads to connection timeout
closes #24295
 2023-10-30 12:58:06 +01:00
Alice
69497382d8
Group scalability upgrades (#22700) 
closes #22372 


Co-authored-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>
Co-authored-by: Michal Hajas <mhajas@redhat.com>
 2023-10-26 16:50:45 +02:00
Hynek Mlnarik
c036980c37 Add TRANSIENT_USERS feature flag 2023-10-25 12:02:35 +02:00
Hynek Mlnarik
26328a7c1e Support for transient sessions via lightweight users 
Part-of: Add support for not importing brokered user into Keycloak database

Closes: #11334
 2023-10-25 12:02:35 +02:00
Hynek Mlnarik
35a226f928 Expose InMemoryUserAdapter to services and model modules 
Part-of: Add support for not importing brokered user into Keycloak database

Closes: #11334
 2023-10-25 12:02:35 +02:00
Marek Posolda
1bd6aca629
Remove RegistrationProfile class and handle migration (#24215) 
closes #24182


Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
 2023-10-24 20:19:33 +02:00
Martin Kanis
10a2c96c72
Users in role Rest API returns empty when User federation used (#23318) 
* Users in role Rest API returns empty when User federation used

Co-authored-by: Shankar Yadav <ET1024@neeyamoworks.com>
Co-authored-by: Martin Kanis <mkanis@redhat.com>
Co-authored-by: Michal Hajas <mhajas@redhat.com>
 2023-10-24 11:10:20 -04:00
rmartinc
ad01ed1497 Do not reset the user profile configuration on disable 
Closes https://github.com/keycloak/keycloak/issues/23527
 2023-10-24 03:05:34 -07:00
Håvar Nøvik
bc55846809
Fixes a NullPointerException after import validation (#20151) 
* Fixes a NullPointerException after import validation

If the import validation (when getting a user by email)
returns null, indicating that the user entity should be
removed from local storage, an email equality check results
in a NullPointerException.

This commit fixes this issue by explicitly checking for null.

Closes #20150

---------
Co-authored-by: Michal Hajas <mhajas@redhat.com>
 2023-10-23 17:19:25 -04:00
vramik
a0f04fa2be Declarative User Profile export 
Closes #12062
Resolves #20885
 2023-10-21 19:21:20 +02:00
JesseEstum
71777df3d9
Prevent stampede after realm cache invalidation 
Closes #22988 

Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
 2023-10-21 18:47:13 +02:00
Marek Posolda
829b7090fa
Avoid breaking change in UserSessionModel (#24134) 
closes #24096


Co-authored-by: Michal Hajas <mhajas@redhat.com>
 2023-10-20 18:06:07 +02:00
mposolda
04777299b0 After tab1 finish authentication, make sure that rootAuthenticationSession is expired shortly 
closes #23880
 2023-10-19 19:23:50 +02:00
Vlasta Ramik
f6d582c761
Import migration step for kc22 
Closes #24031

Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
 2023-10-19 09:00:49 +02:00
shigeyuki kabano
6112b25648 Enhancing Light Weight Token(#22148) 
Closes #21183
 2023-10-17 13:12:36 +02:00
Alice Wood
5a76ddfc2e Remove realm model storage from OAuth2DeviceConfig class to avoid persisting old session and entity manager in infinispan fixes keycloak/keycloak#23943 2023-10-16 16:18:31 +02:00
Lex Cao
eedc4ceb18 Fix unexpected expiration when import offline client session 
Closes #23397
 2023-10-13 15:45:07 +02:00
Charley Wu
31759f9c37
WebAuthn support for native applications. Support custom FIDO2 origin validation (#23156) 
Closes #23155
 2023-10-13 15:25:10 +02:00
Steve Hawkins
7c6f173d3a adds the ability to set the default groups via kcadm 
Closes #19125
 2023-10-06 17:30:24 +02:00
Martin Kanis
0853d484ec
Remove transaction in InfinispanSingleUseObjectProvider#remove (#23708) 
Co-authored-by: mposolda <mposolda@gmail.com>
 2023-10-06 10:00:04 +02:00
vramik
7f2f4aae67 Upgrade liquibase version to avoid a bug where a changeset is executed twice 
Closes #23220
 2023-10-05 13:35:05 +02:00
Michal Hajas
496c5ad989 Use new findGroupByPath implementation and remove the old one 
Closes #23344

Signed-off-by: Michal Hajas <mhajas@redhat.com>
 2023-09-25 10:44:24 +02:00