keycloak-scim

Author	SHA1	Message	Date
Maciej Mierzwa	97e89e2071	feature: password age in days policy Closes #30210 Signed-off-by: Maciej Mierzwa <dev.maciej.mierzwa@gmail.com>	2024-07-24 15:12:16 -03:00
rmartinc	9f2eddead8	Re-add notes about not supporting DPoP and holder-of-key in the remaining adapters Closes #30874 Signed-off-by: rmartinc <rmartinc@redhat.com>	2024-07-24 11:55:47 +02:00
rmartinc	ccab30d5f2	Move saml documentation to guides Closes #31330 Signed-off-by: rmartinc <rmartinc@redhat.com>	2024-07-24 11:50:24 +02:00
Thomas Darimont	dbd4079f92	Allow users to customize the footer of a login theme (#31391 ) Closes #31390 Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>	2024-07-23 09:29:38 +02:00
Hynek Mlnarik	a7374f92be	Update login theme to login v2 Fixes: #29009 Signed-off-by: Hynek Mlnarik <hmlnarik@redhat.com>	2024-07-18 14:33:22 +02:00
rmartinc	764ef4831a	Release notes and some notes for JavaKeystoreProvider changes Closes #31226 Signed-off-by: rmartinc <rmartinc@redhat.com>	2024-07-17 10:44:45 +02:00
Stian Thorgersen	865c2dabea	Update themes.adoc (#31362 ) Closes #30816 Signed-off-by: Stian Thorgersen <stianst@gmail.com>	2024-07-17 10:32:45 +02:00
Thomas Darimont	e79d10e71e	Add missing user event translations to admin-ui Fixes #27677 Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com> Signed-off-by: Alexander Schwartz <aschwart@redhat.com> Co-authored-by: Alexander Schwartz <aschwart@redhat.com>	2024-07-12 10:04:57 +02:00
Steven Hawkins	4970a9b729	fix: deprecate KEYCLOAK_ADMIN and KEYCLOAK_ADMIN_PASSWORD closes: #30658 Signed-off-by: Steve Hawkins <shawkins@redhat.com> Signed-off-by: Steven Hawkins <shawkins@redhat.com> Co-authored-by: Jon Koops <jonkoops@gmail.com>	2024-07-11 18:07:57 +02:00
rmartinc	e80c3fee9b	Change link to https://github.com/eclipse/microprofile/wiki/JWT_Auth Closes #31219 Signed-off-by: rmartinc <rmartinc@redhat.com>	2024-07-11 18:03:57 +02:00
Steve Hawkins	9247029ca3	fix: removes the operator's usage of the v1 proxy option closes: #30945 Signed-off-by: Steve Hawkins <shawkins@redhat.com>	2024-07-11 14:21:50 +02:00
rmartinc	096e335a92	Support for vault and AES and HMAC algorithms to JavaKeystoreKeyProvider Closes #30880 Closes #29755 Signed-off-by: rmartinc <rmartinc@redhat.com>	2024-07-11 12:40:45 +02:00
Lucy Linder	0f7c2364f0	Update links in ReCAPTCHA doc Google links changed and are now causing redirect issues reports. Closes: #31187 Signed-off-by: Lucy Linder <lucy.derlin@gmail.com>	2024-07-11 00:27:09 +02:00
Martin Kanis	922eaa9fc8	Disable username prohibited chars validator when email as username is… (#31140 ) * Disable username prohibited chars validator when email as the username is set Closes #25339 Signed-off-by: Martin Kanis <mkanis@redhat.com> Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com> Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-07-10 09:46:24 -03:00
rmartinc	ce195b81f8	Improve consent deletion when a realm is removed Closes #30992 Signed-off-by: rmartinc <rmartinc@redhat.com>	2024-07-10 09:44:42 +02:00
Gilvan Filho	a918eb1e30	Fix user storage spi jpa quickstart description Closes #30941 Signed-off-by: Gilvan Filho <gfilho@redhat.com>	2024-07-08 14:44:41 +02:00
Pedro Igor	1a8075d62a	Update migration and upgrade guides about GroupRemovedEvent no longer fired when removing a realm Closes #30919 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-07-05 10:14:30 +02:00
Pedro Igor	b745ac8259	Documenting LDAP connection pooling Closes #30995 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-07-04 13:21:47 +02:00
Steven Hawkins	a7ae90cbb6	fix: adds affinity and other scheduling to the operator (#29977 ) closes: #29258 Signed-off-by: Steve Hawkins <shawkins@redhat.com>	2024-07-03 20:07:03 +02:00
Thomas Darimont	f34bb21af6	Fix deprecations in common module - Use charset in `Encode` class - Replace reflective call to protected `Liquibase#resetServices()` with call to exposed public method on a custom subclass `KeycloakLiquibase` - Remove usage of deprecated AccessController class in Reflections - Deprecated SetAccessibleProvilegedAction and UnsetAccessibleProvilegedAction Fixes #22209 Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com> Signed-off-by: Alexander Schwartz <aschwart@redhat.com> Co-authored-by: Alexander Schwartz <aschwart@redhat.com>	2024-07-02 16:02:35 +00:00
Peter Zaoral	add45a25a8	Add default CPU limit/request for the operator (#30601 ) Closes: #27432 Signed-off-by: Peter Zaoral <pzaoral@redhat.com>	2024-07-01 15:12:43 +02:00
Christoph Schulz	657aff787f	Add missing comma to (#30914 ) Signed-off-by: Christoph Schulz <mail@ciis0.de> Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>	2024-06-28 13:13:13 +00:00
Stan Silvert	a1445cd93f	Minor doc fix. (#30899 ) Signed-off-by: Stan Silvert <ssilvert@redhat.com>	2024-06-27 16:18:32 -04:00
andymunro	30264c7dd4	Remove inclusive language foreword Closes #30856 Signed-off-by: AndyMunro <amunro@redhat.com> Signed-off-by: Alexander Schwartz <aschwart@redhat.com> Co-authored-by: Alexander Schwartz <aschwart@redhat.com>	2024-06-27 15:22:03 +02:00
Douglas Palmer	5af3001122	Check if OSGI metadata can be removed entirely Closes #29104 Signed-off-by: Douglas Palmer <dpalmer@redhat.com>	2024-06-25 14:12:33 +02:00
Douglas Palmer	54f4ab50f0	Broken external links Closes #30717 Signed-off-by: Douglas Palmer <dpalmer@redhat.com>	2024-06-25 09:55:50 +02:00
Jon Koops	df18629ffe	Use a default Java version from root POM (#29927 ) Signed-off-by: Jon Koops <jonkoops@gmail.com>	2024-06-21 14:19:31 +02:00
Pedro Igor	a0ad680346	Adding an alias to organization and exposing them to templates Closes #30312 Closes #30313 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-06-20 14:36:14 -03:00
Jon Koops	77fb3c4dd4	Use correct host URL for Admin Console requests (#30535 ) Closes #30432 Signed-off-by: Jon Koops <jonkoops@gmail.com>	2024-06-19 15:21:53 +02:00
CARBONNEAUX Mathieu	acf79b81c7	add RS256 algorithm to webauthn default policy (#30528 ) closes #28020 Signed-off-by: Mathieu CARBONNEAUX <mathieu.carbonneaux@ch2o.info>	2024-06-19 10:16:46 +02:00
Pedro Ruivo	5c0dddd837	Batch cluster events Sending multiple events in a single network request should minimize latency and traffic. Closes #30445 Signed-off-by: Pedro Ruivo <pruivo@redhat.com>	2024-06-14 21:14:22 +02:00
Thibault Morin	f6fa869b12	feat(SAML): add Artifact Binding on brokering scenarios when Keycloak is SP (#29619 ) * feat: add Artifact Binding on brokering scenarios when Keycloak is SP Signed-off-by: tmorin <git@morin.io> * Adding broker test and minor improvements Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com> * Fixing IdentityProviderTest Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com> * Renaming methods related to idp initiated flows Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com> * Fixing partial_import_test.spec.ts Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com> --------- Signed-off-by: tmorin <git@morin.io> Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com> Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-06-14 08:54:49 -03:00
Pedro Ruivo	18a6c79011	Infinispan Protostream Marshaller (#29474 ) Closes #29394 Signed-off-by: Pedro Ruivo <pruivo@redhat.com> Co-authored-by: Alexander Schwartz <aschwart@redhat.com>	2024-06-13 18:02:46 +02:00
Kohei Tamura	d96967682b	Improve procedure for handling open transactions (#29748 ) Signed-off-by: k-tamura <ktamura.biz.80@gmail.com>	2024-06-12 23:21:24 +02:00
Martin Bartoš	04b16a914c	Remove link to management interface guide from ignored links in docs Closes #28475 Signed-off-by: Martin Bartoš <mabartos@redhat.com>	2024-06-12 11:50:21 +02:00
daviddelannoy	d4fc5249c4	fix label error for persistent-user-sessions feature flag in documentation Closes #30368 Signed-off-by: daviddelannoy <16318239+daviddelannoy@users.noreply.github.com>	2024-06-12 09:32:10 +00:00
Pedro Igor	e6df8a2866	Allow multiple instances of the same social broker in a realm Closes #30088 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-06-11 12:44:10 -03:00
Pedro Igor	22da43c619	Fixing broken link (#30299 ) Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-06-10 15:22:48 +02:00
Pedro Igor	c35bf11b1b	Adding organization section (#29796 ) Closes #28731 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com> Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>	2024-06-10 09:08:50 +02:00
Giuseppe Graziano	6067f93984	Improvements to refresh token rotation with multiple tabs (#29966 ) Closes #14122 Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>	2024-06-07 12:02:36 +02:00
Steven Hawkins	5059a02eb2	fix: minor refinements to collection utils (#29536 ) closes: #29535 Signed-off-by: Steve Hawkins <shawkins@redhat.com>	2024-06-06 10:07:34 -04:00
Steven Hawkins	c7e9ee2bff	fix: adds handling for all kcadm prompts as env variables (#29430 ) closes: #21961 Signed-off-by: Steve Hawkins <shawkins@redhat.com>	2024-06-06 13:08:23 +00:00
Marek Posolda	79c8c80058	Example for X.509 direct grant flow authentication (#30203 ) closes #29639 Signed-off-by: mposolda <mposolda@gmail.com> Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>	2024-06-06 11:58:09 +02:00
Erik Jan de Wit	5897334ddb	Align environment variables between consoles (#30125 ) * change to make authServerUrl the same as authUrl fixes: #29641 Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com> * Remove `authUrl` entirely Signed-off-by: Jon Koops <jonkoops@gmail.com> * Remove file that is unrelated Signed-off-by: Jon Koops <jonkoops@gmail.com> * Split out and align environment variables between consoles Signed-off-by: Jon Koops <jonkoops@gmail.com> * Restore removed variables to preserve backwards compatibility Signed-off-by: Jon Koops <jonkoops@gmail.com> * Also deprecate the `authUrl` for the Admin Console Signed-off-by: Jon Koops <jonkoops@gmail.com> --------- Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com> Signed-off-by: Jon Koops <jonkoops@gmail.com> Co-authored-by: Jon Koops <jonkoops@gmail.com>	2024-06-06 08:36:46 +02:00
Giuseppe Graziano	d5e82356f9	Encrypted KC_RESTART cookie and removed sensitive notes Closes #keycloak/keycloak-private#162 Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>	2024-06-05 10:33:44 +02:00
Marek Posolda	193439788e	Release notes for support application/jwt response in token introspec… (#30105 ) closes #30104 Signed-off-by: mposolda <mposolda@gmail.com> Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>	2024-06-04 06:49:13 +02:00
Martin Bartoš	262fc09edc	OpenJDK 21 support (#28518 ) * OpenJDK 21 support Closes #28517 Co-authored-by: Václav Muzikář <vaclav@muzikari.cz> Signed-off-by: Martin Bartoš <mabartos@redhat.com> * x509 SAN UPN other name is not handled in JDK 21 (#904) closes #29968 Signed-off-by: mposolda <mposolda@gmail.com> --------- Signed-off-by: Martin Bartoš <mabartos@redhat.com> Signed-off-by: mposolda <mposolda@gmail.com> Co-authored-by: Václav Muzikář <vaclav@muzikari.cz> Co-authored-by: Marek Posolda <mposolda@gmail.com>	2024-06-03 14:17:28 +02:00
Peter Zaoral	cd2451d58b	Remove Oracle JDBC driver out of the box (#29895 ) Closes: #29491 Co-authored-by: Václav Muzikář <vaclav@muzikari.cz> Co-authored-by: Martin Bartoš <mabartos@redhat.com> Signed-off-by: Peter Zaoral <pzaoral@redhat.com>	2024-05-31 17:21:19 +00:00
Alexander Schwartz	af23150343	Fixing typo in the upgrading guide for persistent sessions Closes #30028 Signed-off-by: Alexander Schwartz <aschwart@redhat.com>	2024-05-31 13:18:34 +02:00
Miquel Simon	2c521bd64d	Upgrade supported PostgreSQL to version 16 Closes #29875 Signed-off-by: Miquel Simon <msimonma@redhat.com>	2024-05-29 16:31:40 +02:00
Marek Posolda	336b2c875f	Update release notes for Keycloak 25 (#29894 ) closes #29576 Signed-off-by: mposolda <mposolda@gmail.com> Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>	2024-05-29 14:19:17 +02:00
mposolda	37c10b4d43	Improve documentation for the case when 'basic' client scope already exists closes #29880 Signed-off-by: mposolda <mposolda@gmail.com>	2024-05-29 13:32:05 +02:00
Ryan Emerson	5788263413	Document Failover Lambda for Active/Passive deployments Closes #29787 Signed-off-by: Ryan Emerson <remerson@redhat.com> Signed-off-by: Alexander Schwartz <aschwart@redhat.com> Co-authored-by: Alexander Schwartz <aschwart@redhat.com> Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net> Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>	2024-05-29 12:33:13 +02:00
Michal Hajas	61d0d56720	Document it is not possible to use rolling configuration upgrade for enabling persistent sessions Closes #29561 Signed-off-by: Michal Hajas <mhajas@redhat.com> Signed-off-by: Alexander Schwartz <aschwart@redhat.com> Co-authored-by: Alexander Schwartz <aschwart@redhat.com>	2024-05-29 10:19:20 +02:00
Pedro Igor	bbb83236f5	Do not lower-case the username from the IdP when creating the federated identity Closes #28495 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-05-29 01:58:20 -03:00
Jon Koops	a3b2dd0735	Remove deprecated `ServerCookie` class (#29916 ) Signed-off-by: Jon Koops <jonkoops@gmail.com>	2024-05-28 14:14:05 +00:00
Ryan Emerson	0f17f0abc5	Require external Infinispan be of version 15 or greater Signed-off-by: Ryan Emerson <remerson@redhat.com> Signed-off-by: Alexander Schwartz <aschwart@redhat.com> Co-authored-by: Alexander Schwartz <aschwart@redhat.com>	2024-05-22 11:26:26 +00:00
Alexander Schwartz	80de3a0a71	Allow migration of non-persistent sessions to persistent sessions Closes #29375 Signed-off-by: Alexander Schwartz <aschwart@redhat.com>	2024-05-22 10:30:46 +02:00
rmartinc	f7044ba5c2	Use SessionExpirationUtils for validate user and client sessions Check client session is valid in TokenManager Closes #24936 Signed-off-by: rmartinc <rmartinc@redhat.com>	2024-05-22 10:12:20 +02:00
Marek Posolda	6dc28bc7b5	Clarify the documentation about step-up authentication (#29735 ) closes #28341 Signed-off-by: mposolda <mposolda@gmail.com> Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>	2024-05-21 19:46:27 +02:00
mposolda	bbd4b60163	Update documentation after adapters removal closes #28792 Signed-off-by: mposolda <mposolda@gmail.com>	2024-05-21 09:34:48 +02:00
vramik	35df0140ee	Add a note to the migration guide about index name length for Oracle database Closes #29594 Signed-off-by: vramik <vramik@redhat.com>	2024-05-16 10:06:39 -03:00
Takashi Norimatsu	b4e7d9b1aa	Passkeys: Supporting WebAuthn Conditional UI (#24305 ) closes #24264 Signed-off-by: Takashi Norimatsu <takashi.norimatsu.ws@hitachi.com> Signed-off-by: mposolda <mposolda@gmail.com> Co-authored-by: mposolda <mposolda@gmail.com>	2024-05-16 07:58:43 +02:00
Alexander Schwartz	8deca303e2	Update instruction on how to enable persistent sessions (#29490 ) Closes #29489 Signed-off-by: Alexander Schwartz <aschwart@redhat.com>	2024-05-15 13:26:51 +02:00
Kamesh Akella	1d613d9037	Argon2 release notes and sizing guide update Closes #29033 Signed-off-by: Kamesh Akella <kamesh.asp@gmail.com> Signed-off-by: Alexander Schwartz <aschwart@redhat.com> Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net> Co-authored-by: Václav Muzikář <vaclav@muzikari.cz> Co-authored-by: Alexander Schwartz <aschwart@redhat.com>	2024-05-14 17:40:51 +02:00
mposolda	d8a7773947	Adding dummyHash to DirectGrant request in case user does not exists. Fix dummyHash for normal login requests closes #12298 Signed-off-by: mposolda <mposolda@gmail.com>	2024-05-13 16:33:29 +02:00
christian2	e200ccfa53	Fix URL endpoint for Docker registry v2 authentication Closes #29132 Signed-off-by: Christian Hörtnagl <christian2@univie.ac.at>	2024-05-13 13:51:06 +02:00
Alexander Schwartz	6fbe207d64	Create documentation for persistent user sessions Closes #29218 Signed-off-by: Alexander Schwartz <aschwart@redhat.com> Signed-off-by: Michal Hajas <mhajas@redhat.com> Co-authored-by: Michal Hajas <mhajas@redhat.com>	2024-05-13 11:02:45 +02:00
mruzicka	6864ee0ead	doc: Quarkus launch rebuild optimization (#28320 ) Suggest a command which performs the update of the class loading indices only once. Closes #28336 Signed-off-by: Michal Růžička <michal.ruza@gmail.com>	2024-05-10 12:28:38 +02:00
AndyMunro	4a5055c3cc	Update create realm topics to replace Master Closes #29280 Signed-off-by: AndyMunro <amunro@redhat.com>	2024-05-08 17:37:20 +02:00
Nathan Raj	8ff1ae0c08	Update stack-overflow.adoc (#29363 ) Corrected capitalisation for heading	2024-05-08 16:06:33 +02:00
Thore	4b194d00be	iso-date validator for the user-profile Adds a new validator in order to be able to validate user-model fields which should be modified/supplied by a datepicker. Closes #11757 Signed-off-by: Thore <thore@kruess.xyz>	2024-05-07 11:42:39 -03:00
Pedro Igor	d2c5fc86a9	Additional note on release and upgrade guides about partial update on user attributes Closes #28220 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-05-07 09:59:38 -03:00
Dimitri Papadopoulos Orfanos	9db1443367	Fix typos found by codespell in docs (#28890 ) Run `chmod -x` on files that need not be executable. Signed-off-by: Dimitri Papadopoulos <3234522+DimitriPapadopoulos@users.noreply.github.com> Signed-off-by: Alexander Schwartz <aschwart@redhat.com> Co-authored-by: Alexander Schwartz <aschwart@redhat.com>	2024-05-03 12:41:16 +00:00
Douglas Palmer	26eaa4f83f	Broken link in documentation Closes #29233 Signed-off-by: Douglas Palmer <dpalmer@redhat.com>	2024-05-02 15:29:56 -03:00
Steven Hawkins	4697cc956b	further refinement of context handling (#28182 ) * fully removing providers and moving the keycloaksession creation / final cleanup also deprecated Resteasy utility methods closes: #29223 Signed-off-by: Steve Hawkins <shawkins@redhat.com> Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-05-02 11:21:01 -04:00
Steven Hawkins	3b1ca46be2	fix: updating docs around -q parameter (#29151 ) closes: #27877 Signed-off-by: Steve Hawkins <shawkins@redhat.com>	2024-05-02 16:48:43 +02:00
Douglas Palmer	8d4d5c1c54	Remove redundant servers from the testsuite Closes #29089 Signed-off-by: Douglas Palmer <dpalmer@redhat.com>	2024-04-30 17:39:32 +02:00
Jon Koops	a6e2ab5523	Remove `jaxrs-oauth-client` and OIDC `servlet-filter` adapters Closes #28784 Signed-off-by: Jon Koops <jonkoops@gmail.com>	2024-04-26 15:56:57 +02:00
Douglas Palmer	cca660067a	Remove JAAS login modules Closes #28789 Signed-off-by: Douglas Palmer <dpalmer@redhat.com>	2024-04-26 09:30:35 +02:00
Douglas Palmer	eae20c76bd	Remove KeycloakInstalled Signed-off-by: Douglas Palmer <dpalmer@redhat.com> Closes #28790	2024-04-26 09:30:35 +02:00
Douglas Palmer	b2f09feebf	Remove servlet filter saml adapters Closes #28786 Signed-off-by: Douglas Palmer <dpalmer@redhat.com>	2024-04-26 09:30:35 +02:00
Douglas Palmer	3e13b40648	Remove Spring adapters Closes #28780 Signed-off-by: Douglas Palmer <dpalmer@redhat.com>	2024-04-26 09:30:35 +02:00
Douglas Palmer	bf2c97065f	Remove SpringBoot adapters Closes #28781 Signed-off-by: Douglas Palmer <dpalmer@redhat.com>	2024-04-26 09:30:35 +02:00
Douglas Palmer	43aa10e091	Remove Tomcat OIDC adapter Closes #28778 Signed-off-by: Douglas Palmer <dpalmer@redhat.com>	2024-04-26 09:30:35 +02:00
Douglas Palmer	98faf6e6a0	Remove Tomcat SAML adapter Signed-off-by: Douglas Palmer <dpalmer@redhat.com> Closes #28783	2024-04-26 09:30:35 +02:00
Mark Banierink	ad32896725	replaced and removed deprecated token methods (#27715 ) closes #19671 Signed-off-by: Mark Banierink <mark.banierink@nedap.com> Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-04-23 09:23:37 +02:00
Stefan Guilhen	8ca4bc77a1	Improve the performance of the queries used to find granted resources - simplifies the queries to avoid unnecessary join - creates two new indexes to speed up search time Closes #28861 Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>	2024-04-22 11:26:06 -03:00
Lex Cao	7e034dbbe0	Add IdpConfirmOverrideLinkAuthenticator to handle duplicate federated identity (#26393 ) Closes #26201. Signed-off-by: Lex Cao <lexcao@foxmail.com> Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>	2024-04-22 11:30:14 +02:00
Pedro Ruivo	3e0a185070	Remove deprecated EnvironmentDependentProviderFactory.isSupported method Closes #26280 Signed-off-by: Pedro Ruivo <pruivo@redhat.com>	2024-04-19 16:36:49 +02:00
Ricardo Martin	fc6b6f0d94	Perform exact string match if redirect URI contains userinfo, encoded slashes or parent access (#131 ) (#28872 ) Closes keycloak/keycloak-private#113 Closes keycloak/keycloak-private#134 Signed-off-by: rmartinc <rmartinc@redhat.com> Co-authored-by: Stian Thorgersen <stianst@gmail.com>	2024-04-18 16:02:24 +02:00
Martin Bartoš	7f74286106	Emphasize the need for setting container limit Closes #28729 Signed-off-by: Martin Bartoš <mabartos@redhat.com>	2024-04-18 15:44:27 +02:00
rmartinc	ddacfbdefd	Remove deprecated LinkedIn social provider Closes #23127 Signed-off-by: rmartinc <rmartinc@redhat.com>	2024-04-18 10:10:58 +02:00
Martin Bartoš	1fb83bb165	Release notes and Migration guide for Hostname v2 (#28621 ) Closes #27730 Signed-off-by: Martin Bartoš <mabartos@redhat.com> Co-authored-by: Václav Muzikář <vmuzikar@redhat.com> Co-authored-by: Peter Zaoral <pzaoral@redhat.com>	2024-04-17 09:29:59 +02:00
Alexander Schwartz	5b4a69a6e9	Limit the concurrency of password hashing to the number of CPU cores available Closes #28477 Signed-off-by: Alexander Schwartz <aschwart@redhat.com>	2024-04-15 15:05:09 +02:00
Steven Hawkins	58398d1f69	fix: replaces aesh with picocli (#28276 ) * fix: replaces aesh with picocli closes: #28275 Signed-off-by: Steve Hawkins <shawkins@redhat.com> * fix: replaces aesh with picocli closes: #28275 Signed-off-by: Steve Hawkins <shawkins@redhat.com> --------- Signed-off-by: Steve Hawkins <shawkins@redhat.com>	2024-04-15 13:04:58 +00:00
Christopher Miles	1646315939	Deny list lower cases all passwords when loading from file Closes #28381 We always lower case the inbound password before comparing against the deny list yet the deny list may contain passwords that contain upper case letters. With this change we will now convert passwords from the deny list into lower case while loading, ensuring that more passwords match the deny list. Signed-off-by: Christopher Miles <twitch@nervestaple.com>	2024-04-15 08:49:37 +02:00
Marek Posolda	e6747bfd23	Adjust priority of SubMapper (#28663 ) closes #28661 Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>	2024-04-12 14:13:03 +02:00
Martin Bartoš	a3669a6562	Make general cache options runtime (#28542 ) Closes #27549 Signed-off-by: Martin Bartoš <mabartos@redhat.com>	2024-04-12 11:56:11 +02:00
rmartinc	6d74e6b289	Escape slashes in full group path representation but disabled by default Closes #23900 Signed-off-by: rmartinc <rmartinc@redhat.com>	2024-04-12 10:53:39 +02:00

1 2 3 4 5 ...

496 commits