keycloak-scim

Author	SHA1	Message	Date
Hynek Mlnarik	c092c76ae8	Remove ldapsOnly (Java) In `LDAPConstants.java`, the function to set the Truststore SPI system property was removed, as this is now handled by the `shouldUseTruststoreSpi` method in `LdapUtil`. Closes: #9313	2023-06-28 08:30:09 +02:00
Pedro Igor	d0691b0884	Support for the locale user attribute Closes #21163	2023-06-27 09:21:08 -03:00
Erik Jan de Wit	3a3907ab15	changed to use `ConfiguredProvider` instead (#21097 ) fixes: #15344	2023-06-27 08:00:32 -04:00
Douglas Palmer	f526f7a091	Emails with non-ascii characters are not allowed since v21.0.0 closes #20878	2023-06-22 10:27:48 -03:00
Pedro Igor	eb5edb3a9b	Support reading base32 encoded OTP secret Closes #9434 Closes #11561	2023-06-22 08:08:13 -03:00
mposolda	dc3b037e3a	Incorrect Signature algorithms presented by Client Authenticator closes #15853 Co-authored-by: Jon Koops <jonkoops@gmail.com>	2023-06-21 08:55:58 +02:00
Stian Thorgersen	f82577a7f3	Removed old account console (#21098 ) Co-authored-by: Jon Koops <jonkoops@gmail.com> Closes #9864	2023-06-20 20:46:57 +02:00
Alexander Schwartz	9425432f2c	Handle HTTP response codes when retrieving data from remote endpoints Closes #20895	2023-06-12 13:37:59 +02:00
rmartinc	f3fcf1f8c5	Session cross-reference / transaction mismatch Closes https://github.com/keycloak/keycloak/issues/20855	2023-06-12 13:18:39 +02:00
Vlasta Ramik	ed473da22b	Clean-up of deprecated methods and interfaces Fixes #20877 Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>	2023-06-09 17:11:20 +00:00
Rinus Wiskerke	fbfdb54745	Strip rotated client secret from export json (#19394 ) Closes #19373	2023-06-09 10:46:28 +02:00
Réda Housni Alaoui	eb9bb281ec	Require user to agree to 'terms and conditions' during registration	2023-06-08 10:39:00 -03:00
Marek Posolda	8080085cc1	Removing 'http challenge' authentication flow and related authenticators (#20731 ) closes #20497 Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>	2023-06-08 14:52:34 +02:00
Alice Wood	7e56938b74	Extend group search attribute functionality to account for use case where only the leaf group is required	2023-06-07 08:52:23 -03:00
rmartinc	9bc30f4705	EventBuilder fixes to copy the store and session context Closes https://github.com/keycloak/keycloak/issues/20757 Closes https://github.com/keycloak/keycloak/issues/20105	2023-06-07 08:34:27 -03:00
Artur Baltabayev	041441f48f	Improved Reset OTP authenticator (#20572 ) * ResetOTP authenticator can now be configured, so that one or all existing OTP configurations are deleted upon reset. Closes #8753 --------- Co-authored-by: bal1imb <Artur.Baltabayev@bosch.com>	2023-06-06 08:30:44 -03:00
rmartinc	81aa588ddc	Fix and correlate session timeout calculations in legacy and new map implementations Closes https://github.com/keycloak/keycloak/issues/14854 Closes https://github.com/keycloak/keycloak/issues/11990	2023-06-05 18:46:23 +02:00
Alexander Schwartz	cd9e0be9f0	Filter first, then sort, and avoid atomics Closes #20394	2023-06-05 11:23:54 +02:00
Pedro Igor	8aeee928e8	Allow configuring the referrer policy (#19917 ) * Allow configuring the referrer policy Closes #17288 * fixed indentation --------- Co-authored-by: Erik Jan de Wit <erikjan.dewit@gmail.com>	2023-05-30 12:27:12 -04:00
Stefan Guilhen	2252b09949	Remove deprecated default roles methods Closes #15046	2023-05-23 22:32:52 +02:00
Dominik Schlosser	8c58f39a49	Updates Datastore provider to contain full data model Closes #15490	2023-05-16 15:05:10 +02:00
Alexander Schwartz	910021408e	Use entity locking only for the map storage This is a performance optimization that the new feature doesn't affect the old store. Closes #20176	2023-05-15 10:20:35 +02:00
Alexander Schwartz	2758d78865	Avoid exception when looking up the providerId This is a performance optimization, as creating an exception is expensive. Closes #20176	2023-05-15 10:20:35 +02:00
Martin Bartoš	6118e5cfb7	Use JakartaEE dependencies --- Quarkus3 branch sync no. 14 (24.4.2023) Resolved conflicts: keycloak/pom.xml - Modified --- Quarkus3 branch sync no. 5 (10.2.2023) Resolved conflicts: keycloak/pom.xml - Modified	2023-04-27 13:36:54 +02:00
Martin Bartoš	7cff857238	Migrate packages from javax.* to jakarta.* --- Quarkus3 branch sync no. 14 (24.4.2023) Resolved conflicts: keycloak/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/storage/ComponentExportImportTest.java - Modified keycloak/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/DeclarativeUserTest.java - Modified keycloak/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/storage/FederatedStorageExportImportTest.java - Modified keycloak/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/authentication/FlowTest.java - Modified keycloak/services/src/main/java/org/keycloak/services/resources/admin/UserResource.java - Modified --- Quarkus3 branch sync no. 13 (11.4.2023) Resolved conflicts: keycloak/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/pages/AccountTotpPage.java - Deleted keycloak/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/storage/BackwardsCompatibilityUserStorageTest.java - Modified --- Quarkus3 branch sync no. 12 (31.3.2023) Resolved conflicts: keycloak/quarkus/runtime/src/main/java/org/keycloak/quarkus/runtime/services/resources/QuarkusWelcomeResource.java - Modified keycloak/services/src/main/java/org/keycloak/protocol/saml/profile/util/Soap.java - Modified keycloak/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/util/UserInfoClientUtil.java - Modified keycloak/services/src/main/java/org/keycloak/protocol/oidc/endpoints/UserInfoEndpoint.java - Modified keycloak/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/sessionlimits/UserSessionLimitsTest.java - Modified --- Quarkus3 branch sync no. 10 (17.3.2023) Resolved conflicts: keycloak/services/src/main/java/org/keycloak/protocol/saml/SamlProtocolUtils.java - Modified --- Quarkus3 branch sync no. 9 (10.3.2023) Resolved conflicts: keycloak/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/kerberos/AbstractKerberosSingleRealmTest.java - Modified keycloak/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/forms/LoginTest.java - Modified --- Quarkus3 branch sync no. 8 (3.3.2023) Resolved conflicts: keycloak/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/util/SamlClient.java Modified - Modified keycloak/services/src/main/java/org/keycloak/protocol/saml/SamlProtocol.java - Modified keycloak/examples/providers/authenticator/src/main/java/org/keycloak/examples/authenticator/SecretQuestionAuthenticator.java - Modified --- Quarkus3 branch sync no. 6 (17.2.2023) Resolved conflicts: keycloak/integration/admin-client/src/main/java/org/keycloak/admin/client/resource/ComponentsResource.java - Modified keycloak/testsuite/utils/src/main/java/org/keycloak/testsuite/KeycloakServer.java - Modified keycloak/services/src/main/java/org/keycloak/protocol/saml/installation/SamlSPDescriptorClientInstallation.java - Modified --- Quarkus3 branch sync no. 5 (10.2.2023) Resolved conflicts: /keycloak/services/src/main/java/org/keycloak/social/google/GoogleIdentityProvider.java Modified - Modified keycloak/services/src/main/java/org/keycloak/social/twitter/TwitterIdentityProvider.java - Modified --- Quarkus3 branch sync no. 4 (3.2.2023) Resolved conflicts: keycloak/quarkus/runtime/src/main/java/org/keycloak/quarkus/runtime/integration/jaxrs/QuarkusKeycloakApplication.java - Modified --- Quarkus3 branch sync no. 1 (18.1.2023) Resolved conflicts: keycloak/testsuite/client/ClientPoliciesTest.java - Deleted keycloak/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/client/ClientRegistrationTest.java - Modified keycloak/model/map-jpa/src/main/java/org/keycloak/models/map/storage/jpa/JpaModelCriteriaBuilder.java - Modified	2023-04-27 13:36:54 +02:00
mposolda	1cbdf4d17e	Fix the issue with LDAP connectionUrl containing multiple hosts Closes #17359	2023-04-16 17:41:22 +02:00
mposolda	4d8d6f8cd8	Preserve authentication flow IDs after import closes #9564	2023-04-03 16:01:52 +02:00
Hynek Mlnarik	0d5363d0d5	Throw an exception rather than returning response Closes: #17644	2023-04-03 14:43:50 +02:00
rmartinc	c6a1820a47	Use SimpleHttp for SOAP calls Closes https://github.com/keycloak/keycloak/issues/17139	2023-03-31 10:57:47 -03:00
Alexander Schwartz	251f6151e8	Rework the Import SPI to be configurable via the Config API Also rework the export/import CLI for Quarkus, so that runtime options are available. Closes #17663	2023-03-24 15:28:55 -03:00
Alexander Schwartz	513bb809f3	Add a map storage global locking implementation for JPA Closes #14734	2023-03-21 08:21:11 +01:00
Pedro Igor	a30b6842a6	Decouple the policy enforcer from adapters and provide a separate library Closes keycloak#17353	2023-03-17 11:40:51 +01:00
Alexander Schwartz	f6f179eaca	Rework the export to use CLI options and property mappers Also, adding the wiring to support Model tests for the export. Closes #13613	2023-03-07 08:22:12 +01:00
mposolda	a0192d61cc	Redirect loop with authentication success but access denied at default identity provider closes #17441	2023-03-06 10:45:01 +01:00
Jon Koops	972ebb9650	Use a valid SemVer format for the SNAPSHOT version (#17334 ) * Use a valid SemVer format for the SNAPSHOT version * Update pom.xml * Update pom.xml --------- Co-authored-by: Stian Thorgersen <stianst@gmail.com> Co-authored-by: Stian Thorgersen <stian@redhat.com>	2023-03-03 11:11:44 +01:00
Vilmos Nagy	4b0562da38	#16161 implement an EventBuilder constructor which can be called from scheduled tasks	2023-02-27 15:52:37 -03:00
Douglas Palmer	1d75000a0e	Create an SPI for DeviceActivityManager closes #17134	2023-02-20 09:29:11 +01:00
Hynek Mlnarik	e30e1eca68	Ensure that concatenated Stream is closed once read Fixes: #15781	2023-02-17 13:00:32 +01:00
Christian Hörtnagl	ff71cbc4f3	* fix typos in javadoc	2023-02-13 08:53:47 +01:00
laskasn	dc8b759c3d	Use encryption keys rather than sig for crypto in SAML Closes #13606 Co-authored-by: mhajas <mhajas@redhat.com> Co-authored-by: hmlnarik <hmlnarik@redhat.com>	2023-02-10 12:06:49 +01:00
Stefan Guilhen	1da6244ec0	Add retry logic to LoginActionsService#authenticate In addition to that, avoid adding cookies on each retry. Closes #15849 Co-authored-by: Alexander Schwartz <aschwart@redhat.com>	2023-02-09 11:56:15 +01:00
Michal Hajas	6fa62e47db	Leverage HotRod client provided transaction Closes #13280	2023-02-08 10:26:30 +01:00
Pedro Igor	7b58783255	Allow mapping claims to user attributes when exchanging tokens Closes #8833	2023-02-07 10:57:35 +01:00
Thomas Darimont	e38b7adf92	Revise blacklist password policy provider #8982 - Reduce false positive probability from 1% to 0.01% to avoid rejecting to many actually good passwords. - Make false positive rate configurable via spi config - Revised log messages Supported syntax variant: `passwordBlacklist(wordlistFilename)` Fixes #8982 Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>	2023-02-07 10:36:39 +01:00
Pedro Igor	d97b9c48c4	Make sure PBKDF2 providers are using the expect size for derived keys (#16798 ) Closes #16797	2023-02-03 15:31:25 +01:00
Alexander Schwartz	c6aba2e3de	Make LockAcquiringTimeoutException a RuntimeException Closes #16690	2023-01-31 08:21:32 +01:00
Marek Posolda	33ff9ef17e	Fix remaining failing tests with BCFIPS approved mode (#16699 ) * Fix remaining failing tests with BCFIPS approved mode Closes #16698	2023-01-30 16:01:57 +01:00
mposolda	ac490a666c	Fix KcSamlSignedBrokerTest in FIPS. Support for choosing realm encryption key for decrypt SAML assertions instead of realm signature key Closes #16324	2023-01-10 20:39:59 +01:00
Pedro Igor	d797d07d8f	Ignore user profile attributes for service accounts Closes #13236	2023-01-10 16:26:53 +01:00
Réda Housni Alaoui	dbe0c27bcf	Allowing client registration access token rotation deactivation	2023-01-05 20:53:57 +01:00

1 2 3 4 5 ...

816 commits