libre.sh/keycloak-scim
2
0
Fork 0
Code Issues 14 Pull requests Releases Packages Activity Actions 6
24534 commits 4 branches 5 tags 480 MiB
Commit graph

1152 commits

Author SHA1 Message Date
Michael Parlee
722ce950bf Improve user search performance 
Removes bulder.lower() from user search queries on email and username.

Closes #8893
 2022-03-04 14:15:14 +01:00
Vlasta Ramik
aa6a131b73
Change String client.id to ClientModel client in ResourceServerStore 
Closes #10442
 2022-02-24 12:46:26 +01:00
Luca Graf
febb447919 KEYCLOAK-19297 Use real 'external' client object id to store AuthenticatedClientSession in UserSession object, so that the client session can be looked by the client object id in further requests. 2022-02-18 12:42:59 +01:00
keycloak-bot
d9f1a9b207
Set version to 18.0.0-SNAPSHOT (#10165) 2022-02-11 21:28:06 +01:00
Stefan Guilhen
7c1d6eae43
Upgrade to Liquibase 4.6.2 
* Upgrade to Liquibase 4.6.2
* Add valid checksums to changesets to allow migration to newest liquibase
* Update liquibase licenses

Co-authored-by: Martin Kanis <mkanis@redhat.com>
 2022-02-09 12:56:46 +01:00
Martin Kanis
0471ec4941 Cross-site validation for lazy loading of offline sessions & Switch default offline sessions to lazy loaded 2022-02-03 21:43:47 +01:00
bal1imb
9621d513b5 KEYCLOAK-18727 Improve user search query 2022-01-26 17:03:05 +01:00
Guus der Kinderen
213b1f5042 Closes #9562: Add DB index for UserEntity getRealmUserByServiceAccount 2022-01-20 09:52:54 +01:00
Stefan Guilhen
2fd1593abf Set order of LiquibaseDBLockProviderFactory to 1 
- makes it the default provider when no provider is explicitly configured
- avoid NPE at server startup when other providers are present and none is set as default
 2022-01-13 08:30:25 +01:00
Dominik DS
93419a1797
KEYCLOAK-19289 check if values to set is not null (#8426) 
Closes #9529
 2022-01-12 09:22:01 +01:00
keycloak-bot
9f3d4a7d42 Set version to 17.0.0-SNAPSHOT 2021-12-20 10:50:39 +01:00
vramik
b4d720d615 Fix DB Migration Script to 13.0.0 
Closes #9138
 2021-12-15 14:00:29 +01:00
vramik
c6312e3308 KEYCLOAK-18717 KEYCLOAK-18716 KEYCLOAK-18715 KEYCLOAK-18713 KEYCLOAK-18712 KEYCLOAK-18711 JPA clients no-downtime store 2021-12-15 13:32:49 +01:00
Kashif Saadat
d9bf511406 KEYCLOAK-19052: Optimised (split) the clearExpiredEvents query to reduce execution time 2021-11-30 22:25:55 +01:00
vramik
6b8890f5dd KEYCLOAK-19525 Inconsistent creation of default-roles-<realm> 2021-11-23 21:30:12 +01:00
Martin Bartoš
1e1a6779be Issue 8814: Replace deprecated hamcrest-all dependencies 2021-11-23 13:56:28 +01:00
vramik
dacf28af84 KEYCLOAK-19536 Removal of client creates new instance of provider for each client role 2021-10-13 13:05:18 +02:00
Bart Monhemius
5b0986e490 [KEYCLOAK-18891] Add support for searching users by custom user attributes 
Users can now be searched by custom attributes using 'q' in the query parameters. The implementation is roughly the same as search clients by custom attributes.
 2021-10-12 13:08:47 +02:00
Michal Hajas
da0c945475 KEYCLOAK-18940 Add support for searching composite roles 2021-10-01 12:41:19 +02:00
Daniel Fesenmeyer
0a2f8f5b63 KEYCLOAK-17887 fix endpoint for creating or updating realm localization texts for a given locale (UnsupportedOperation was thrown because RealmAdapter tried to change unmodifiable map): 
- fix RealmAdapter to create a new map instead of trying to change unmodifiable map
- only provide POST endpoints for creating or updating the texts (to have the endpoints consistent with other Admin API endpoints)
- add tests
 2021-09-30 15:07:56 +02:00
Pedro Igor
10e425315f [KEYCLOAK-19274] - Avoid loading queries from properties at runtime for Dist.X 2021-09-24 09:26:43 +02:00
Daniel Fesenmeyer
339224578e KEYCLOAK-10603 adjust assignments to roles (user-role and group-role assignments, client-scope and client "scope mappings"): allow assignments of roles which are already indirectly assigned (e.g. by composite role) 
- extend RoleMapperModel with method hasDirectRole(RoleModel), which only checks for direct assignment in contrast to the existing method hasRole(RoleModel)
- extend ScopeContainerModel with method hasDirectScope(RoleModel), which only checks for direct scope mapping in contrast to the existing method hasScope(RoleModel)
- use the new hasDirectRole and hasDirectScope methods to check whether a role is in the "available" list and whether it can be assigned (previously, the hasRole method was used for this purpose)
- add hint to UI that available roles contain effectively assigned roles which are not directly assigned
- adjust and extend tests
 2021-09-22 13:56:29 +02:00
Luca Graf
2c22ccbf97 KEYCLOAK-19286 Use client storage provider id to construct client StorageId, so that a valid 'external' client id will be generated. 2021-09-20 19:43:20 +02:00
Dominik
4090114398 KEYCLOAK-16246 Revert changes from workaround made in KEYCLOAK-16244 after upgrading to quarkus 2 
Also fixed a small type in testclass.
This reverts commit 9b2f2015f7.
 2021-09-16 15:42:48 -03:00
rmartinc
47484c1aed KEYCLOAK-18842: deleteExpiredClientSessions very slow on MariaDB 2021-09-10 08:25:33 +02:00
vramik
d216f8f748 KEYCLOAK-19104 Add custom ForeignKeySnapshotGenerator 2021-09-02 09:59:26 +02:00
Martin Kanis
6886bd6651 KEYCLOAK-18941 ExecutionException when computed future - InfinispanCacheInitializer 2021-08-05 18:28:27 +02:00
Hynek Mlnarik
2acb43a627 KEYCLOAK-18617 Fix index on client attributes 2021-08-05 15:35:55 +02:00
keycloak-bot
262ec3d031 Set version to 16.0.0-SNAPSHOT 2021-07-30 14:56:10 +02:00
Hynek Mlnarik
0cdce1340d KEYCLOAK-18680 Always close result stream 2021-07-30 09:40:39 +02:00
bal1imb
fbaeb18a5f KEYCLOAK-18471 Added ID to admin event object. 2021-07-16 12:46:07 +02:00
Daniel Fesenmeyer
a25c70784c KEYCLOAK-18467 support unicode for realm localization texts 2021-07-15 10:30:42 +02:00
Hryhorii Hevorkian
2803685cd7 KEYCLOAK-18353 Implement Pushed Authorization Request inside the Keycloak 
Co-authored-by: Takashi Norimatsu <takashi.norimatsu.ws@hitachi.com>
Co-authored-by: mposolda <mposolda@gmail.com>
 2021-07-03 08:47:42 +02:00
vramik
2b9b50d50a KEYCLOAK-18194 fix migration of default role when realm id contains apostrophe 2021-07-01 11:22:11 +02:00
Hynek Mlnarik
8a83ec83ac KEYCLOAK-18589 map-storage profile for KeycloakServer 2021-06-30 20:47:17 +02:00
keycloak-bot
13f7831a77 Set version to 15.0.0-SNAPSHOT 2021-06-18 10:42:27 +02:00
vramik
e3c76035b2 KEYCLOAK-18359 Default role migration is not performed correctly when empty realm id 2021-06-14 20:54:37 +02:00
Václav Muzikář
9854f21ace KEYCLOAK-18332 Client Scopes are reset to realm's default when Client is updated 2021-06-11 07:41:18 +02:00
vramik
95bf912dc9 KEYCLOAK-18035 Fix update client with default default scope assigned as optional 2021-06-07 16:22:55 +02:00
vramik
2bf727d408 KEYCLOAK-17753 remove KeycloakModelUtils.isClientScopeUsed method 2021-05-28 21:07:14 +02:00
Michal Hajas
4dcb69596b KEYCLOAK-18146 Search for clients by client attribute when doing saml artifact resolution 2021-05-27 23:02:22 +02:00
Hynek Mlnarik
3d8f152787 KEYCLOAK-17747 KEYCLOAK-17754 Optimize getClients() calls 2021-05-27 22:12:56 +02:00
Hynek Mlnarik
94f676cb95 KEYCLOAK-18286 Add index to client_attributes 2021-05-27 13:31:33 +02:00
Martin Kanis
1ab0d585a9
KEYCLOAK-11019 Initial support for lazy offline user-session loading 
Co-authored-by: Thomas Darimont <thomas.darimont@googlemail.com>
Co-authored-by: Thomas Darimont <thomas.darimont@gmail.com>
 2021-05-26 09:54:28 +02:00
Hynek Mlnarik
860fc4c06c KEYCLOAK-17756 KEYCLOAK-17757 Optimize IdP-first lookup 2021-05-20 14:44:55 +02:00
Pedro Igor
a0f8d2bc0e [KEYCLOAK-17399] - Review User Profile SPI 
Co-Authored-By: Vlastimil Elias <vlastimil.elias@worldonline.cz>
 2021-05-20 08:44:24 -03:00
vramik
1c283cdebc KEYCLOAK-14301 OTP secrets migrated incorrectly 2021-05-20 13:19:27 +02:00
vramik
3913526934 KEYCLOAK-18031 Update to 13.0.0 fails due to liquibase error 2021-05-20 11:29:02 +02:00
mhajas
e609949264 KEYCLOAK-17267 Add index to user attribute name and value to support user sync from ldap 2021-05-19 13:38:11 +02:00
Hynek Mlnarik
c02a706a86 KEYCLOAK-17748 Optimize validation of redirect URIs in logout endpoint 
Reimplementation of KEYCLOAK-17718
 2021-05-18 20:31:21 +02:00
vramik
4d776cd780 KEYCLOAK-18137 Fix introduced SPI name 2021-05-18 20:30:21 +02:00
Václav Muzikář
62e6883524 KEYCLOAK-17084 KEYCLOAK-17434 Support querying clients by client attributes 2021-05-14 13:58:53 +02:00
Peter Flintholm
919899b994 KEYCLOAK-18039: Optimise offline session load on startup 
Co-authored-by: Hynek Mlnarik <hmlnarik@redhat.com>
 2021-05-13 16:26:26 +02:00
Hynek Mlnarik
8feefe94ac KEYCLOAK-18074 Ignore server version for MySQL in ChangeLogHistoryService 2021-05-12 15:01:30 +02:00
Pedro Igor
6397671c88 [KEYCLOAK-17885] - Delete user-managed policies when removing groups 2021-05-10 16:33:23 -03:00
keycloak-bot
4b44f7d566 Set version to 14.0.0-SNAPSHOT 2021-05-06 14:55:01 +02:00
vramik
020dd530b9 KEYCLOAK-18009 Invalid role creation with oracle database 2021-05-06 09:01:42 +02:00
mposolda
20fc430be0 KEYCLOAK-17874 Server cannot be started with oracle19cRAC 2021-05-05 13:12:07 +02:00
vramik
0cecd0f33f KEYCLOAK-17992 MSSQL not updatable 2021-05-05 13:12:07 +02:00
Hynek Mlnarik
96501760e0 KEYCLOAK-17501 Add support for map storage in WildFly 2021-05-03 16:00:30 +02:00
Hynek Mlnarik
7d4255b2a1 KEYCLOAK-17871 Add support for running parallel model tests 2021-04-30 16:13:57 +02:00
Hynek Mlnarik
3e91e6f966 KEYCLOAK-17870 Fix ConcurrentModificationException upon liquibase initialization 2021-04-30 16:13:57 +02:00
Takashi Norimatsu
65c48a4183
KEYCLOAK-12137 OpenID Connect Client Initiated Backchannel Authentication (CIBA) (#7679) 
* KEYCLOAK-12137 OpenID Connect Client Initiated Backchannel Authentication (CIBA)

Co-authored-by: Andrii Murashkin <amu@adorsys.com.ua>
Co-authored-by: Christophe Lannoy <c4r1570p4e@gmail.com>
Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>
Co-authored-by: mposolda <mposolda@gmail.com>
 2021-04-29 15:56:39 +02:00
vramik
162043beec KEYCLOAK-17615 Move database initialization from KeycloakApplication to JpaConnectionProviderFactory 2021-04-28 13:43:48 +02:00
Yoshiyuki Tabata
45202bd49a KEYCLOAK-17637 Client Scope Policy for authorization service 2021-04-26 08:58:33 -03:00
Hynek Mlnarik
ff4c0e4412 KEYCLOAK-16935 Fix liquibase to work with MySQL 8.0.23+ 2021-04-21 20:20:33 +02:00
Michal Hajas
1e2db74d86 KEYCLOAK-16932 Authorization map storage 2021-04-16 17:26:16 +02:00
Takashi Norimatsu
42dec08f3c
KEYCLOAK-16805 Client Policy : Support New Admin REST API (Implementation) (#7780) 
* KEYCLOAK-16805 Client Policy : Support New Admin REST API (Implementation)

* support tests using auth-server-quarkus

* Configuration changes for ClientPolicyExecutorProvider

* Change VALUE of table REALM_ATTRIBUTES to NCLOB

* add author tag

* incorporate all review comments

Co-authored-by: mposolda <mposolda@gmail.com>
 2021-04-06 16:31:10 +02:00
vramik
185075d373 KEYCLOAK-14552 Realm Map Store 2021-03-31 15:49:03 +02:00
rmartinc
0a0caa07d6 KEYCLOAK-17215 Slowness issue while hitting /auth/admin/realms/$REALM/clients?viewableOnly=true after DELETE a role 2021-03-31 12:57:17 +02:00
vramik
c3b9c66941 KEYCLOAK-17460 invalidate client when assigning scope 2021-03-30 10:58:16 +02:00
Michito Okai
298ab0bc3e KEYCLOAK-7675 Support for Device Authorization Grant 2021-03-15 10:09:20 -03:00
Hiroyuki Wada
9d57b88dba KEYCLOAK-7675 Prototype Implementation of Device Authorization Grant. 
Author:    Hiroyuki Wada <h2-wada@nri.co.jp>
Date:      Thu May 2 00:22:24 2019 +0900

Signed-off-by: Łukasz Dywicki <luke@code-house.org>
 2021-03-15 10:09:20 -03:00
vramik
6e501946b1 KEYCLOAK-17021 Client Scope map store 2021-03-08 21:59:28 +01:00
Pedro Igor
0f30b3118a [KEYCLOAK-16676] - Client attributes should not be stored if null or empty 2021-03-03 15:37:05 +01:00
stefvdwel
11b0c23937 Reduced code duplication 2021-02-17 09:40:19 -03:00
stefvdwel
5a500055f6 Added permission ticket /count endpoint. Todo: testing 2021-02-17 09:40:19 -03:00
Pedro Igor
cdf0ead957
[KEYCLOAK-16780] - Allow batching writes to storage when running migration (#7717) 
Co-authored-by: Hynek Mlnařík <hmlnarik@users.noreply.github.com>

Co-authored-by: Hynek Mlnařík <hmlnarik@users.noreply.github.com>
 2021-01-29 09:35:19 -03:00
Martin Kanis
8432513daa KEYCLOAK-16908 Refactor UserSessionPersisterProvider 2021-01-29 09:29:00 +01:00
mposolda
99a70267d9 KEYCLOAK-16801 Improve performance of ClearExpiredEvents background task 2021-01-27 09:57:46 +01:00
Michito Okai
7f421fb20a KEYCLOAK-16844 Create an index to support offline sessions loading 2021-01-21 22:48:54 +01:00
Hynek Mlnarik
78c05d2da2 KEYCLOAK-16118 Replace MapStorage.entrySet() with search by criteria 
* Add model class parameter to MapStorage
* Add shortcut read(id) method to MapKeycloakTransaction
 2021-01-20 16:20:56 +01:00
Martin Kanis
9f580e3ed8 KEYCLOAK-15695 Streamification cleanup 2021-01-20 14:39:53 +01:00
Michal Hajas
ba8e2fef6b KEYCLOAK-15524 Cleanup user related interfaces 2021-01-18 16:56:10 +01:00
Yoshiyuki Tabata
ab1dba5fa6 KEYCLOAK-11908 Support for conditional creating indices based on number 
of records
 2021-01-12 09:06:27 +01:00
vramik
1402d021de KEYCLOAK-14846 Default roles processing 2021-01-08 13:55:48 +01:00
keycloak-bot
75be33ccad Set version to 13.0.0-SNAPSHOT 2020-12-16 17:31:55 +01:00
Michal Hajas
8e376aef51
KEYCLOAK-15847 Add MapUserProvider 2020-12-10 08:57:53 +01:00
Stefan Guilhen
edef93cd49 [KEYCLOAK-16232] Streamify the UserCredentialStore and UserCredentialManager interfaces 2020-12-07 19:48:35 +01:00
Stefan Guilhen
73d0bb34c4 [KEYCLOAK-16232] Replace usages of deprecated collection-based methods with the respective stream variants 2020-12-07 19:48:35 +01:00
Hynek Mlnarik
363df6cab4 KEYCLOAK-16405 Tests for storage logical layer 2020-11-25 12:16:48 +01:00
Stefan Guilhen
84df008bc2 [KEYCLOAK-16341] Make the new stream-based methods in server-spi user interfaces default instead of the collection-based versions. 
- this ensures that providing implementation for the collection-based methods is enough, which preserves
   backwards compatibility with older custom implementations.
 - alternative interfaces now allow new implementations to focus on the stream variants of the query methods.
 2020-11-18 21:07:51 +01:00
mposolda
9b2f2015f7 KEYCLOAK-16244 RealmRealmLocalizationResourceTest fails on auth-server-quarkus 2020-11-11 14:56:31 +01:00
Pedro Igor
852c4a57ff [KEYCLOAK-14468] - Scope permission sometimes not removed when removing scopes 2020-11-11 08:44:28 +01:00
Martin Kanis
d9029b06b9 KEYCLOAK-15889 Streamification of ProtocolMappers 2020-11-10 16:40:34 +01:00
Stefan Guilhen
aa46735173 [KEYCLOAK-15200] Complement methods for accessing users with Stream variants 2020-11-10 15:13:11 +01:00
Hynek Mlnarik
f0bdcdd204 KEYCLOAK-16113 Add JPA event test 2020-10-30 21:08:27 +01:00
Christoph Leistert
e131de9574 KEYCLOAK-14855 Added realm-specific localization texts which affect texts in every part of the UI (admin console / login page / personal info page / email templates). Also new API endpoints and a new UI screen to manage the realm-specific localization texts were introduced. 
Co-authored-by: Daniel Fesenmeyer <daniel.fesenmeyer@bosch.io>
 2020-10-30 08:02:43 -03:00
vramik
785f2e78bc KEYCLOAK-14977 create MapRoleProvider 2020-10-30 08:15:22 +01:00
Martin Kanis
b494b8bb44 KEYCLOAK-16034 Not scroll-able event queries for postgres and mssql 2020-10-30 08:10:00 +01:00
Hynek Mlnarik
925f089d62 KEYCLOAK-16077 Remove need for MapStorage.replace 2020-10-29 15:40:47 +01:00
mposolda
4f93dc8376 KEYCLOAK-11693 Clean startup log output in Keycloak.X 2020-10-23 09:33:54 -03:00
Martin Kanis
f5c52345fc KEYCLOAK-16033 Revert Jpa*EventQuery to getResultList 2020-10-22 13:33:30 +02:00
Daniel Fesenmeyer
de8d2eafa3 KEYCLOAK-14781 Extend Admin REST API with search by federated identity 
- Add parameters idpAlias and idpUserId to the resource /{realm}/users and allow it to be combined with the other search parameters like username, email and so on
- Add attribute "federatedIdentities" to UserEntity to allow joining on this field
- extend integration test "UserTest"
 2020-10-22 08:51:26 +02:00
mhajas
4556e858ad KEYCLOAK-15522 Use AbstractStorageManager in UserStorageManager 2020-10-15 20:41:13 +02:00
Martin Kanis
086f7b4696 KEYCLOAK-15450 Complement methods for accessing realms with Stream variants 2020-10-14 08:16:49 +02:00
Thomas Darimont
12576e339d KEYCLOAK-15146 Add support for searching users by emailVerified status 
We now allow to search for users by their emailVerified status.
This enables users to easily find users and deal with incomplete user accounts.
 2020-09-29 08:28:59 -03:00
mhajas
12bc84322a KEYCLOAK-14974 Map group storage provider 2020-09-21 15:56:32 +02:00
Martin Kanis
f037dabdc1 KEYCLOAK-15199 Use stream variant method in jpa/RoleAdapter.getFirstAttribute 2020-09-17 13:18:21 +02:00
Martin Kanis
5d5e56dde3 KEYCLOAK-15199 Complement methods for accessing roles with Stream variants 2020-09-16 16:29:51 +02:00
testn
706299557e KEYCLOAK-15174: ResourceServerAdapter.toEntity checks the wrong type 2020-09-10 12:19:25 -03:00
testn
c288175c03 KEYCLOAK-15208: PermissionTicketAdapter checks for the wrong type 2020-09-10 12:16:48 -03:00
Martin Kanis
4e9bdd44f3 KEYCLOAK-14901 Replace deprecated ClientProvider related methods across Keycloak 2020-09-07 13:11:55 +02:00
Martin Kanis
d59a74c364 KEYCLOAK-15102 Complement methods for accessing groups with Stream variants 2020-08-28 20:56:10 +02:00
Martin Kanis
4be99772d8 KEYCLOAK-14967 Closing streams obtained from JPA layer 2020-08-25 21:47:24 +02:00
Pedro Igor
cb57c58b4b [KEYCLOAK-14730] - Consent not working when using federation storage and client is displayed on consent screen 2020-08-19 10:08:21 +02:00
mhajas
ae39760a62 KEYCLOAK-14972 Add independent GroupProvider interface 2020-08-13 21:13:12 +02:00
vramik
bfa21c912c KEYCLOAK-14811 Create RoleProvider and make it independent of ClientProvider and RealmProvider 2020-07-31 15:11:25 -03:00
Martin Idel
bf411d7567 KEYCLOAK-14869: Fix nullpointer exception in FullNameLDAPStorageMapper 
Setting an attribute should be possible with a list
containing no elements or a null list

This can happen e.g. when creating users via idps
using a UserAttributeStatementMapper.

Fix this unprotected access in other classes too
 2020-07-28 09:54:37 +02:00
Martin Kanis
feef5b4db2 KEYCLOAK-14220 Complement methods for accessing clients with Stream variants 2020-07-27 10:38:39 +02:00
keycloak-bot
afff0a5109 Set version to 12.0.0-SNAPSHOT 2020-07-22 14:36:15 +02:00
Hynek Mlnarik
8fae2997c9 KEYCLOAK-14553 Improve logging 2020-07-22 00:08:15 +02:00
Hynek Mlnarik
c566b46e8f KEYCLOAK-14549 Make ClientProvider independent of RealmProvider 
Co-Authored-By: vramik <vramik@redhat.com>
 2020-07-22 00:08:15 +02:00
Pedro Igor
7501e42969 [KEYCLOAK-14646] - Improving permission resolution and evaluation 2020-07-21 14:22:09 +02:00
Yao
ec61c45da5 KEYCLOAK-4593: Moved NamedQuery to entity attribute to improve performance 2020-07-16 08:32:51 +02:00
Plamen Kostov
914b226d11 [KEYCLOAK-14282] Create additional filtering for GET /users endpoint for enabled/disabled users 2020-07-03 09:07:42 -03:00
Martin Idel
05b6ef8327 KEYCLOAK-14536 Migrate UserModel fields to attributes 
- In order to make lastName/firstName/email/username field
  configurable in profile
  we need to store it as an attribute
- Keep database as is for now (no impact on performance, schema)
- Keep field names and getters and setters (no impact on FTL files)

Fix tests with logic changes

- PolicyEvaluationTest: We need to take new user attributes into account
- UserTest: We need to take into account new user attributes

Potential impact on users:

- When subclassing UserModel, consistency issues may occur since one can
  now set e.g. username via setSingleAttribute also
- When using PolicyEvaluations, the number of attributes has changed
 2020-06-25 14:50:57 +02:00
Pedro Igor
d331091c5e [KEYCLOAK-11330] - Quarkus tests 2020-06-17 17:20:55 +02:00
kurisumakise2011
bfde3ac080 When any liquibase exception is thrown and it catches in LiquibaseJpaUpdaterProvider update method inside try\catch block, an exception will be retrown like RuntimeException, but it will not be logged anywhere. It reaches platform.exit(t) and then only message of wrapped RuntimeException is propagated. But real caused can be noticed only via debug mode. 2020-06-15 14:01:07 +02:00
Pedro Igor
e16f30d31f [KEYCLOAK-2343] - Allow exact user search by user attributes 
Co-authored-by: Hynek Mlnařík <hmlnarik@users.noreply.github.com>
 2020-06-10 12:02:50 -03:00
Yoshiyuki Tabata
f03ee2ec98 KEYCLOAK-14145 OIDC support for Client "offline" session lifespan 2020-06-04 14:24:52 +02:00
Pedro Igor
0870041b0b [KEYCLOAK-14335] - Not initializing entity associations and removing bi-directional ones 
Co-authored-by: Stian Thorgersen <stian@redhat.com>
Co-authored-by: Hynek Mlnarik <hmlnarik@redhat.com>
 2020-06-02 11:31:10 -03:00
Pedro Igor
bae802bcfa [KEYCLOAK-11784] - Using Hibernate Extension 2020-05-14 11:10:46 +02:00
stianst
b04932ede5 KEYCLOAK-12414 Remove the need to specify defaults in config file 2020-05-13 09:02:29 -03:00
Álvaro Gómez Giménez
666832d1be KEYCLOAK-13066 Include resourceType in ScopePermissionRepresentation 2020-05-12 17:11:35 -03:00
Michael Cooney
3291161954 KEYCLOAK-13818: Addressing performance issues with adding client scopes during realm creation. Removing redundant lookups by passing all scopes that need to be created at once. 2020-05-12 15:59:42 +02:00
Pedro Igor
19ab9ba53d [KEYCLOAK-13829] - DML for DELETE is executed even though attribute does not exist 2020-05-06 14:04:06 +02:00
keycloak-bot
ae20b7d3cd Set version to 11.0.0-SNAPSHOT 2020-04-29 12:57:55 +02:00
Pedro Igor
601bf8d63e [KEYCLOAK-12735] - Improving queries and cache for authz 2020-04-29 03:58:03 +02:00
Yoshiyuki Tabata
874642fe9e KEYCLOAK-12406 Add "Client Session Max" and "Client Session Idle" for OIDC 2020-04-28 15:34:25 +02:00
stianst
5b017e930d KEYCLOAK-13128 Security Headers SPI and response filter 2020-04-28 15:28:24 +02:00
keycloak-bot
33314ae3ca Set version to 10.0.0-SNAPSHOT 2020-04-21 09:19:32 +02:00
mposolda
b29810c923 KEYCLOAK-13306 Model fixes for check realm when lookup by ID 
(cherry picked from commit e40a62de31f6f5d326234314a9e285010665f707)
 2020-04-21 08:19:50 +02:00
mposolda
6f62c0ed98 KEYCLOAK-13442 Backwards compatibility in users searching. searchForUser(String, RealmModel, int, int) is no longer called when searching users from the admin console 2020-03-27 13:29:55 +01:00
Pedro Igor
b812159193 [KEYCLOAK-10675] - Deleting an Identity Provider doesn't remove the associated IdP Mapper for that user 2020-03-26 11:41:17 +01:00
keycloak-bot
f6a592b15a Set version to 9.0.4-SNAPSHOT 2020-03-24 08:31:18 +01:00
mposolda
5ddd605ee9 KEYCLOAK-13259 2020-03-24 05:32:41 +01:00
vramik
86089d40b8 KEYCLOAK-13249 jpa-changelog-8.0.0.xml contains whitespace character 2020-03-18 09:36:23 +01:00
stianst
aece5d1b4c KEYCLOAK-5162 Add index to even table 2020-03-17 17:05:21 +01:00
rmartinc
ad3b9fc389 KEYCLOAK-12579: LDAP groups duplicated during UI listing of user groups 2020-03-11 06:14:29 +01:00
Sebastian Schuster
99aba33980 KEYCLOAK-13163 Fixed searching for user with fine-grained permissions 2020-03-09 09:56:13 -03:00
vramik
701fb06de1 KEYCLOAK-12968 fix ClientTest.getAllClientsSearchAndPagination for postgresql 2020-03-05 06:40:03 +01:00
Dmitry Telegin
08319db242 KEYCLOAK-13167 - JDBC resource leak in custom migrations 2020-03-02 21:19:07 +01:00
Hynek Mlnarik
93f05f9291 KEYCLOAK-12450 Revert em.clear() call 2020-03-02 11:22:29 +01:00
Erik Jan de Wit
93a1374558 KEYCLOAK-11129 coalesce possible null values 2020-02-27 09:11:29 +01:00
keycloak-bot
d352d3fa8e Set version to 9.0.1-SNAPSHOT 2020-02-17 20:38:54 +01:00
stianst
32fccfa99e KEYCLOAK-10391 Fix lower-case column names in IdentityProviderMapperEntity, while they are upper-case in Liquibase scripts 2020-02-06 13:31:12 +01:00
Axel Messinese
b73553e305 Keycloak-11526 search and pagination for roles 2020-02-05 15:28:25 +01:00
Leon Graser
01a42f417f Search and Filter for the count endpoint 2020-02-03 09:36:30 +01:00
Pedro Igor
658a083a0c [KEYCLOAK-9600] - Find by name in authz client returning wrong resource 2020-02-03 08:57:20 +01:00
vramik
a83467047b KEYCLOAK-9053 KEYCLOAK-9818 Increase column size for federated foreign keys 2020-01-31 21:24:55 +01:00
Marek Posolda
d46620569a
KEYCLOAK-12174 WebAuthn: create authenticator, requiredAction and policy for passwordless (#6649) 2020-01-29 09:33:45 +01:00
Denis Richtárik
24c6e2ba08 KEYCLOAK-12742 Authentication -> WebAuthn Policy: Unable to delete the Acceptable AAGUIDS via the provided minus (-) button, once set (#6695) 2020-01-24 11:55:20 +01:00
vramik
47d6d65bbb KEYCLOAK-12724 - workaround hibernate bug - set explicitly dialect for oracle version greater than 12 2020-01-22 18:34:11 +01:00
Denis Richtárik
8d312d748b KEYCLOAK-12163 Old account console: UI not updated after removing of TOTP (#6688) 2020-01-22 12:26:28 +01:00
Marek Posolda
8d49409de1
KEYCLOAK-12183 Refactor login screens. Introduce try-another-way link. Not show many credentials of same type in credential selector (#6591) 2020-01-14 21:54:45 +01:00
vramik
a2b3747d0e KEYCLOAK-7014 - Correctly handle null-values in UserAttributes 2020-01-10 12:44:52 +01:00
Douglas Palmer
106e6e15a9 [KEYCLOAK-11859] Added option to always display a client in the accounts console 2019-12-17 17:12:49 -03:00
vramik
c3d80651bf KEYCLOAK-12473 Add possibility to specify length of event detail when storing to database 2019-12-17 17:15:50 +01:00
Cristian Schuszter
5c7ce775cf KEYCLOAK-11472 Pagination support for clients 
Co-authored-by: stianst <stianst@gmail.com>
 2019-12-05 08:17:17 +01:00
Martin Kanis
685d49c693 KEYCLOAK-11967 Violation of UNIQUE KEY constraint SIBLING_NAMES (#6485) 2019-11-26 16:00:50 +01:00
keycloak-bot
76aa199fee Set version to 9.0.0-SNAPSHOT 2019-11-15 20:43:21 +01:00
vramik
af5df1e535 KEYCLOAK-11808 Add support for MySQL8, update supported database versions 2019-11-15 08:43:48 +01:00
stianst
3a36569e20 KEYCLOAK-9129 Don't expose Keycloak version in resource paths 2019-11-15 08:21:28 +01:00
AlistairDoswald
4553234f64 KEYCLOAK-11745 Multi-factor authentication (#6459) 
Co-authored-by: Christophe Frattino <christophe.frattino@elca.ch>
Co-authored-by: Francis PEROT <francis.perot@elca.ch>
Co-authored-by: rpo <harture414@gmail.com>
Co-authored-by: mposolda <mposolda@gmail.com>
Co-authored-by: Jan Lieskovsky <jlieskov@redhat.com>
Co-authored-by: Denis <drichtar@redhat.com>
Co-authored-by: Tomas Kyjovsky <tkyjovsk@redhat.com>
 2019-11-14 14:45:05 +01:00
Patrick Teubner
b3d87b52c2 KEYCLOAK-11888 Fix inconsistent pagination of groups by ordering the results of 'getTopLevelGroupIds' query 2019-11-11 09:22:51 +01:00
Wim Vandenhaute
b6ee342713 KEYCLOAK-4593 Flush and clear when fetching multiple realms for performance improvement with large number of realms 2019-11-04 21:11:26 +01:00
Hynek Mlnarik
f0685cc246 KEYCLOAK-11739 Ensure unique / PK constraint in JPA is on par with Liquibase 2019-10-23 14:53:17 +02:00
Martin Kanis
37304fdd7d KEYCLOAK-10728 Upgrade to WildFly 18 Final 2019-10-21 14:06:44 +02:00
Pedro Igor
6acb87bd7a [KEYCLOAK-10822] - Prevent access to users from another realm 2019-10-21 10:32:50 +02:00
Pedro Igor
17785dac08 [KEYCLOAK-10714] - Add filtering support in My Resources endpoint by name 2019-10-16 16:26:55 +02:00
Hynek Mlnarik
9d685a2c47 KEYCLOAK-11558 Fix unique constraint violation in PartialImportTest 
(cherry picked from commit 672703cbc1320466d37761c4cb0d46c5dd0ce0f1)
 2019-10-14 14:40:20 +02:00
Takashi Norimatsu
7c75546eac KEYCLOAK-9360 Two factor authentication with W3C Web Authentication - 1st impl phase 
* KEYCLOAK-9360 Two factor authentication with W3C Web Authentication - 1st impl phase
 2019-10-01 15:17:38 +02:00
Jan Lieskovsky
cfb225b499 [KEYCLOAK-8253] Improve the time complexity of LDAP groups synchronization 
(in the direction from LDAP provider to Keycloak) from exponential to
linear time in the case of syncing flat LDAP groups structure

Add a corresponding test (intentionally configured as to be ignored
by CI/CD due to higher demand on time, required fo the test completion)

Signed-off-by: Jan Lieskovsky <jlieskov@redhat.com>
 2019-09-12 09:54:13 +02:00
Hynek Mlnarik
9eb2e1d845 KEYCLOAK-11028 Use pessimistic locks to prevent DB deadlock when deleting objects 2019-09-09 10:57:49 +02:00
Pedro Igor
967d21dbb5 [KEYCLOAK-10713] - Pagination to resources rest api 2019-07-29 16:19:22 -03:00
keycloak-bot
17e9832dc6 Set version to 8.0.0-SNAPSHOT 2019-07-19 19:05:03 +02:00
Hynek Mlnarik
04f266d381 KEYCLOAK-10744 Fix MariaDB cannot create database 2019-07-18 13:59:49 +02:00
rmartinc
bd5dec1830 KEYCLOAK-10112: Issues in loading offline session in a cluster environment during startup 2019-07-03 13:17:45 +02:00
Pedro Igor
0cdd23763c [KEYCLOAK-10443] - Define a global decision strategy for resource servers 2019-07-02 09:14:37 -03:00
mposolda
c124aec586 KEYCLOAK-10262 DBLockTest.testLockConcurrently fails with MariaDB Galera 10.1 2019-06-24 11:23:18 +02:00
Pedro Igor
61eb94c674 [KEYCLOAK-8915] - Support resource type in authorization requests 2019-06-04 21:02:54 -03:00
skyfalke
0007bad6f3 KEYCLOAK-10393 Fix permission ticket pagination in Authz Client 
KEYCLOAK-10393 Ensure idempotency of find method of permission ticket store
 2019-05-29 09:43:54 -03:00
Hynek Mlnarik
835b2cf9c2 KEYCLOAK-9944 Add Primary Key Constraint into RESOURCE_URIS table 2019-05-13 12:43:23 +02:00
Sebastian Loesch
96250c9685 [KEYCLOAK-9573] Allow AdminEvents for custom resource types 2019-04-26 09:57:28 +01:00
keycloak-bot
49d4e935cb Set version to 7.0.0-SNAPSHOT 2019-04-17 09:48:07 +01:00
Bekh-Ivanov George
ebcfeb20a3 [KEYCLOAK-10020] - Add ability to request user-managed (ticket) permissions by name 2019-04-12 08:44:57 -03:00
Axel Messinese
e18fb56389 KEYCLOAK-4978 Add endpoint to get groups by role 2019-03-15 06:00:17 +01:00
keycloak-bot
e843d84f6e Set version to 6.0.0-SNAPSHOT 2019-03-06 15:54:08 +01:00
stianst
7ad02e7318 Fixes for releasing 2019-03-06 11:38:09 +01:00