libre.sh/keycloak-scim
2
0
Fork 0
Code Issues 14 Pull requests Releases Packages Activity Actions 6
18485 commits 4 branches 5 tags 480 MiB
Commit graph

3979 commits

Author SHA1 Message Date
Douglas Palmer
181e1b914f Update to UA Parser 1.5.4 and use CachingParser 
closes #16729
 2023-03-08 11:46:39 +01:00
Tero Saarni
9052ec2b02
Add admin events for realm create/delete. (#10831) 
Closes #10733
 2023-03-07 15:57:06 +01:00
Simon Levermann
96c1cf3c49 Allow mapping of UserSessionNotes into UserInfo 
Fixes #15369
 2023-03-07 15:25:14 +01:00
rmartinc
a56b38c5a6 Don't remove session and don't reset restart cookie if passive check error 
Closes https://github.com/keycloak/keycloak/issues/11340
 2023-03-07 15:10:09 +01:00
rmartinc
06ff8b016c Don't set REMEMBER_ME if it's disabled at realm level 
Closes https://github.com/keycloak/keycloak/issues/11330
 2023-03-07 15:01:58 +01:00
Alexander Schwartz
f6f179eaca Rework the export to use CLI options and property mappers 
Also, adding the wiring to support Model tests for the export.

Closes #13613
 2023-03-07 08:22:12 +01:00
mposolda
a0192d61cc Redirect loop with authentication success but access denied at default identity provider 
closes #17441
 2023-03-06 10:45:01 +01:00
Michal Hajas
465019bec4 Extract attachDevice outside of storage layer 
Closes #17336
 2023-03-03 17:58:34 +01:00
Zakaria Amine
fb5a7f654b
trigger IDENTITY_PROVIDER_FIRST_LOGIN (and UPDATE_PROFILE ) event when identity provider flow succeeds (#15100) 
closes #15098
 2023-03-03 17:49:27 +01:00
Jon Koops
972ebb9650
Use a valid SemVer format for the SNAPSHOT version (#17334) 
* Use a valid SemVer format for the SNAPSHOT version

* Update pom.xml

* Update pom.xml

---------

Co-authored-by: Stian Thorgersen <stianst@gmail.com>
Co-authored-by: Stian Thorgersen <stian@redhat.com>
 2023-03-03 11:11:44 +01:00
mposolda
b28bde542f referrer_url is not correctly computed in account console 
closes #16484
 2023-03-01 20:49:15 +01:00
Marek Posolda
59f4fe1c60
NPE on Theme after upgrade to 21 when parent or import theme not exists (#17350) 
* NPE on Theme after upgrade to 21 when parent or import theme not exists
closes #17313

* Update per review
 2023-03-01 15:46:37 +00:00
mghalbi
e19e7bef2d fix error in check mediaType 2023-02-27 14:34:32 -03:00
mghalbi
116b2fed0c Added check for the presence of Content-Type header in the request 2023-02-27 14:34:32 -03:00
Pedro Igor
fbf5541802 Remove duplicated set-cookie header from response when expiring cookies 
Closes #17192
 2023-02-27 14:17:27 -03:00
lpa
3cd413dee1 SOAP backchannel logout for SAML protocol 
Closes #16293
 2023-02-27 14:24:12 +01:00
rmartinc
38a46726e4 Implement UserInfoTokenMapper in HardcodedRole and RoleNameMapper mappers 
Closes https://github.com/keycloak/keycloak/issues/15624
 2023-02-27 10:14:48 -03:00
mposolda
f180115d27 Log some details if error happens in CIBA authentication request 
Closes #14650
 2023-02-23 14:36:28 +01:00
Yohan Siguret
82423f38a1 Add user id to TOKEN_EXCHANGE events 
Co-authored-by: thaDude <ogdude@googlemail.com>
 2023-02-22 17:13:48 -03:00
Hynek Mlnarik
878debd2ab Forbid changing ID 
Closes: #16881
 2023-02-22 17:19:22 +01:00
Marek Posolda
b9ab942ef8
FIPS related docs (#17196) 
* FIPS related docs
Closes #16444 #12432 #12429

Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
 2023-02-22 12:47:15 +01:00
Alexander Schwartz
54048f1e6c Callers need to indicate if cookies need to be set at the end of the transaction 
Closes #17141
 2023-02-21 11:54:32 +01:00
Douglas Palmer
1d75000a0e Create an SPI for DeviceActivityManager 
closes #17134
 2023-02-20 09:29:11 +01:00
Zakaria Amine
0972edd6a5
Fix label for IdpReviewProfileAuthenticatorFactory (take 2) (#17062) 
Use static english text for IdpReviewProfileAuthenticatorFactory label config
Closes #16658
 2023-02-16 19:16:00 +01:00
drohwer89
4ff180da64
Terminating all sessions above the session limit (#16068) 
Adjusts implementation of UserSessionLimitsAuthenticator to terminate all sessions above the session limit.

Closes #14689

Co-authored-by: Marek Posolda <mposolda@gmail.com>
 2023-02-16 17:56:59 +01:00
summersab
a64f6dcfc2 Update TotpBean.java 
Add a `getUsername()` method to the `TotpBean` class so usernames can be used in the TOTP templates.
 2023-02-16 08:13:39 -03:00
sui.jieqiang
1f6fa0501c Fix search user groups without limit 
Closes #12649
 2023-02-15 15:50:46 +01:00
Pedro Igor
9e46b9e43f Handling events after transaction completion using a separate session 
Closes #15656
 2023-02-14 13:10:57 +01:00
Alexander Schwartz
d4604984d0
Compatibility with Maven4 and parallel builds (#16312) 
Closes #16308
 2023-02-14 11:44:53 +01:00
laskasn
dc8b759c3d Use encryption keys rather than sig for crypto in SAML 
Closes #13606

Co-authored-by: mhajas <mhajas@redhat.com>
Co-authored-by: hmlnarik <hmlnarik@redhat.com>
 2023-02-10 12:06:49 +01:00
Stefan Guilhen
1da6244ec0 Add retry logic to LoginActionsService#authenticate 
In addition to that, avoid adding cookies on each retry.

Closes #15849

Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
 2023-02-09 11:56:15 +01:00
Dmitry Telegin
5f39aeb590 Pre-authorization hook for client policies 
Closes #9017
 2023-02-08 15:06:32 +01:00
Đặng Minh Dũng
d91eeac612 feat: support multi hd in GoogleIdentityProvider 
Signed-off-by: Đặng Minh Dũng <dungdm93@live.com>
 2023-02-07 11:32:35 -03:00
Stian Thorgersen
4782a85166
Remove old admin console feature (#16861) 
* Remove old admin console feature

Closes #16860

* Update help txt files for Quarkus tests
 2023-02-07 12:59:35 +01:00
Pedro Igor
7b58783255 Allow mapping claims to user attributes when exchanging tokens 
Closes #8833
 2023-02-07 10:57:35 +01:00
Denis Bernard
5db64133b8 Add Attribute to Group Mapper for SAML IDP 
Cleansing code as PR Comment

Add test for Advanced Attribute to Group Mapper

Closes #12950
 2023-02-06 10:58:48 -03:00
rmartinc
f8f112d8d2
Upgrade twitter4j (#16828) 
Closes https://github.com/keycloak/keycloak/issues/16731
 2023-02-03 15:28:37 +01:00
Marek Posolda
51bed81814
Fixes for OOB endpoint and KeycloakSanitizer (#16773) 
(cherry picked from commit 91ac2fb9dd50808ff5c76d639594ba14a8d0d016)
 2023-02-02 08:34:50 +01:00
Stian Thorgersen
d9025231f9
HTML Injection in Keycloak Admin REST API (#16765) 
Resolves #GHSA-m4fv-gm5m-4725

Co-authored-by: Martin Bartoš <mabartos@redhat.com>
 2023-02-01 14:34:15 +01:00
Alexander Schwartz
c6aba2e3de Make LockAcquiringTimeoutException a RuntimeException 
Closes #16690
 2023-01-31 08:21:32 +01:00
Alexander Schwartz
7933f0489d Align startup of Quarkus with the regular startup to ensure boostrap locks are created. 
Also fixing an issue where DBLockGlobalLockProviderFactory held on to an old session, which lead to a closed DB connection on Quarkus.

Closes #16642
 2023-01-30 12:59:40 +01:00
Zakaria Amine
f067c9aa26
Fix label for IdpReviewProfileAuthenticatorFactory (#15293) 
Closes #16658
 2023-01-27 10:58:59 +01:00
Ikko Eltociear Ashimine
025d47c57a
Fix typo in UPConfigUtils.java (#16655) 
erorr -> error
 2023-01-27 07:41:03 +01:00
Pedro Igor
f6602e611b Allow managing the username idn homograph validator 
Closes #13346
 2023-01-26 04:55:43 -08:00
mposolda
a804400c84 Added KERBEROS feature. Disable it when running tests on FIPS 
closes #14966
 2023-01-25 18:38:46 +01:00
Benjamin Weimer
9176308d79 15812 Make DeclarativeUserProfileProvider MetaData Map thread safe 2023-01-25 06:28:04 -08:00
mposolda
16888eaeab Only available RSA key sizes should be shown in admin console 
Closes #16437
 2023-01-25 13:15:07 +01:00
Benjamin Weimer
69c114288d Return 404 when trying to retrieve non-existing external IDP token 2023-01-24 13:56:02 -08:00
Bastian
5ddb79cbe6
fix(account): do not leak into messages (#16212) 
Closes #16211
 2023-01-18 13:06:36 +01:00
Konstantinos Georgilakis
c73859794e Short verification_uri for Device Authorization Request 
Closes #16107
 2023-01-18 08:34:52 +01:00