Stian Thorgersen
cbfdae5e75
Remove support for multiple AUTH_SESSION_ID cookies ( #26462 )
...
Closes #26457
Signed-off-by: stianst <stianst@gmail.com>
2024-01-25 06:58:42 +01:00
rmartinc
7f195acc14
Enable verify profile required action by default for new realms
...
Closes #25985
Signed-off-by: rmartinc <rmartinc@redhat.com>
2024-01-24 20:28:06 +01:00
Thomas Darimont
e7363905fa
Change password hashing defaults according to OWASP recommendations ( #16629 )
...
Changes according to the latest [OWASP cheat sheet for secure Password Storage](https://cheatsheetseries.owasp.org/cheatsheets/Password_Storage_Cheat_Sheet.html#pbkdf2 ):
- Changed default password hashing algorithm from pbkdf2-sha256 to pbkdf2-sha512
- Increased number of hash iterations for pbkdf2-sha1 from 20.000 to 1.300.000
- Increased number of hash iterations for pbkdf2-sha256 from 27.500 to 600.000
- Increased number of hash iterations for pbkdf2-sha512 from 30.000 to 210.000
- Adapt PasswordHashingTest to new defaults
- The test testBenchmarkPasswordHashingConfigurations can be used to compare the different hashing configurations.
- Document changes in changes document with note on performance and how
to keep the old behaviour.
- Log a warning at the first time when Pbkdf2PasswordHashProviderFactory is used directly
Fixes #16629
Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>
2024-01-24 18:35:51 +01:00
Stian Thorgersen
208e3a6529
Exclude ubuntu-latest (sanity-check-zip) as it is running the full zip ( #26463 )
...
Signed-off-by: stianst <stianst@gmail.com>
2024-01-24 16:48:41 +00:00
Peter Zaoral
d23383e79c
Stabilizing the FipsDistTest
...
* increased the timeout to let Keycloak stop
Closes #26374
Signed-off-by: Peter Zaoral <pzaoral@redhat.com>
2024-01-24 16:54:56 +01:00
Václav Muzikář
7a57bfb504
Fix createdAt
format in Operator CSV ( #26428 )
...
Closes #26427
Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>
2024-01-24 16:41:44 +01:00
Florian Garcia
af0b9164e3
fix: hardcoded conditional rendering of client secret input field ( #25776 )
...
Closes #22660
Signed-off-by: ImFlog <garcia.florian.perso@gmail.com>
Co-authored-by: useresd <yousifmagdi@gmail.com>
2024-01-24 16:30:22 +01:00
agagancarczyk
4061abf588
fixed bug ( #26453 )
...
Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>
Co-authored-by: Agnieszka Gancarczyk <agancarc@redhat.com>
2024-01-24 12:59:32 +00:00
Stian Thorgersen
85ddac26ed
Remove code that expires old cookie paths ( #26444 )
...
Closes #26416
Signed-off-by: stianst <stianst@gmail.com>
2024-01-24 13:43:03 +01:00
vickeybrown
86098242a5
Added Client Type feature flag to begin client type work ( #26389 )
...
* Added Client Type feature flag to begin client type work
Closes #26346
Signed-off-by: vibrown <vibrown@redhat.com>
* Fixed formatting issue
Signed-off-by: vibrown <vibrown@redhat.com>
* Updated HelpCommandDistTest messages
Signed-off-by: vibrown <vibrown@redhat.com>
* Fixed formatting on HelpCommandDistTest messages
Signed-off-by: vibrown <vibrown@redhat.com>
---------
Signed-off-by: vibrown <vibrown@redhat.com>
2024-01-24 12:07:07 +00:00
Lex Cao
142c14138f
Add verify email required action for IdP email verification
...
Closes #26418
Signed-off-by: Lex Cao <lexcao@foxmail.com>
2024-01-24 12:15:09 +01:00
Takashi Norimatsu
b99f45ed3d
Supporting EdDSA
...
closes #15714
Signed-off-by: Takashi Norimatsu <takashi.norimatsu.ws@hitachi.com>
Co-authored-by: Muhammad Zakwan Bin Mohd Zahid <muhammadzakwan.mohdzahid.fg@hitachi.com>
Co-authored-by: rmartinc <rmartinc@redhat.com>
2024-01-24 12:10:41 +01:00
Erik Jan de Wit
3b3eef2560
Added data-testid to expandable nav ( #26445 )
...
Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
2024-01-24 11:54:17 +01:00
Stian Thorgersen
fea49765f0
Remove Jetty 9.4 adapters ( #26261 )
...
Only removing the distribution of the Jetty adapter for now, and leaving the rest for now. This is due to the complexity of removing all Jetty adapter code due to Spring, OSGI, Fuse, testsuite, etc. and it will be better to leave the rest of the clean-up to after 24 when we are removing most adapters
Closes #26255
Signed-off-by: stianst <stianst@gmail.com>
2024-01-24 11:17:29 +01:00
Douglas Palmer
ee5593a88f
CVE-2022-1471- SnakeYaml remote code execution by sending malicious YAML content
...
Closes #25261
Signed-off-by: Douglas Palmer dpalmer@redhat.com
2024-01-24 11:08:17 +01:00
Peter Keuter
21bdea3b71
Groups should be clickable when user has view-access on the group ( #26033 )
...
Closes #26040
Signed-off-by: Peter Keuter <github@peterkeuter.nl>
2024-01-24 09:17:39 +00:00
Peter Keuter
a0bcf35236
fix: check actual subgroup rights when clicking a subgroup ( #26230 )
...
Signed-off-by: Peter Keuter <github@peterkeuter.nl>
2024-01-24 07:30:47 +00:00
agagancarczyk
00fdb8e2f5
Fixed dropdown form in clients authorization policies tab ( #26424 )
...
* fixed dropdown forms in clients authorization
Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>
* improved translations
Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>
* improved
Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>
---------
Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>
Co-authored-by: Agnieszka Gancarczyk <agancarc@redhat.com>
2024-01-24 07:49:27 +01:00
Steven Hawkins
93e90789fe
fix: auto-build not needed for build ( #26099 )
...
closes #26075
Signed-off-by: Steve Hawkins <shawkins@redhat.com>
2024-01-23 17:56:34 +01:00
Jon Koops
ea5888ef38
Add missing translations for WebAuthN Passwordless in Account Console ( #26421 )
...
Closes #26420
Signed-off-by: Jon Koops <jonkoops@gmail.com>
2024-01-23 16:00:12 +00:00
Martin Kanis
84603a9363
Map Store Removal: Rename Legacy* classes ( #26273 )
...
Closes #24105
Signed-off-by: Martin Kanis <mkanis@redhat.com>
2024-01-23 13:50:31 +00:00
Jon Koops
5bf2d4b6ec
Enable PKCE by default for Keycloak JS ( #26412 )
...
Closes #26411
Signed-off-by: Jon Koops <jonkoops@gmail.com>
2024-01-23 14:04:13 +01:00
Thomas Darimont
cc7d6a9b79
Improve wording for Concepts for configuring thread pools in docs
...
Closes #26402
Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
2024-01-23 12:56:55 +00:00
agagancarczyk
662c705d66
fixed typo ( #26408 )
...
Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>
Co-authored-by: Agnieszka Gancarczyk <agancarc@redhat.com>
2024-01-23 11:22:23 +00:00
Jon Koops
4c5bf596aa
Ensure key
prop of credentials list is unique ( #26410 )
...
Closes #26409
Signed-off-by: Jon Koops <jonkoops@gmail.com>
2024-01-23 11:08:20 +00:00
agagancarczyk
73e5c8290f
Fixed a11y violations and typos in translations for messages in the dialog message for disabling clients. ( #26395 )
...
* fixed critical violations
Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>
* fixed more a11y violations
Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>
* renamed translation
Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>
* added area-label
Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>
* added area-label
Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>
* renamed spinners translation
Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>
---------
Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>
Co-authored-by: Agnieszka Gancarczyk <agancarc@redhat.com>
2024-01-23 09:28:50 +00:00
Peter Zaoral
d9f8a1bf4e
Testing Keycloak with nightly Quarkus releases ( #23407 )
...
Closes #23322
Signed-off-by: Peter Zaoral <pzaoral@redhat.com>
2024-01-23 09:43:31 +01:00
dependabot[bot]
35d2be9468
Bump @typescript-eslint/parser from 6.19.0 to 6.19.1 in /js
...
Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser ) from 6.19.0 to 6.19.1.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases )
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md )
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v6.19.1/packages/parser )
---
updated-dependencies:
- dependency-name: "@typescript-eslint/parser"
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-01-23 08:11:55 +01:00
dependabot[bot]
6f00b7d280
Bump @testing-library/jest-dom from 6.2.0 to 6.2.1 in /js
...
Bumps [@testing-library/jest-dom](https://github.com/testing-library/jest-dom ) from 6.2.0 to 6.2.1.
- [Release notes](https://github.com/testing-library/jest-dom/releases )
- [Changelog](https://github.com/testing-library/jest-dom/blob/main/CHANGELOG.md )
- [Commits](https://github.com/testing-library/jest-dom/compare/v6.2.0...v6.2.1 )
---
updated-dependencies:
- dependency-name: "@testing-library/jest-dom"
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-01-23 07:53:53 +01:00
dependabot[bot]
6f290eafa0
Bump @typescript-eslint/eslint-plugin from 6.19.0 to 6.19.1 in /js
...
Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin ) from 6.19.0 to 6.19.1.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases )
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md )
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v6.19.1/packages/eslint-plugin )
---
updated-dependencies:
- dependency-name: "@typescript-eslint/eslint-plugin"
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-01-23 07:53:24 +01:00
Sebastian Schuster
8807562593
Make role mapping tab visible with view user permissions ( #26386 )
...
Co-authored-by: Salem Wafi <32916450+SalemWafi@users.noreply.github.com>
Signed-off-by: Sebastian Schuster <sebastian.schuster@bosch.io>
2024-01-22 17:06:25 +01:00
Jon Koops
03b03f3ccd
Add missing translations for WebAuthN in Account Console ( #26384 )
...
Closes #26383
Signed-off-by: Jon Koops <jonkoops@gmail.com>
2024-01-22 16:04:22 +00:00
agagancarczyk
43053b8a82
Fixed translation for search box in clients authorization policies tab ( #26387 )
...
* resolved conflict
Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>
* resolved conflict
Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>
---------
Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>
Co-authored-by: Agnieszka Gancarczyk <agancarc@redhat.com>
2024-01-22 16:10:37 +01:00
agagancarczyk
37e0f8f92b
Fixed resource and permission names and tooltip message ( #26385 )
...
* fixed typo
Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>
* renamed key
Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>
---------
Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>
Co-authored-by: Agnieszka Gancarczyk <agancarc@redhat.com>
2024-01-22 15:47:18 +01:00
agagancarczyk
4a49759aa0
More a11y fixes ( #26344 )
...
* fixed a11y violations
Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>
* fixed more a11y violations
Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>
* a11y fixes
Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>
* fixed a11y violations
Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>
* fixed more a11y violations
Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>
---------
Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>
Co-authored-by: Agnieszka Gancarczyk <agancarc@redhat.com>
2024-01-22 08:04:27 -05:00
Douglas Palmer
ffa069a33b
Invalidate authentication session on repeated Recovery Code failures
...
Closes #26180
Signed-off-by: Douglas Palmer <dpalmer@redhat.com>
2024-01-22 11:57:47 +01:00
Zhikai Chen
359ccc060d
Update Chinese Translation ( #26297 )
...
Closes #26295
Signed-off-by: zhikaichen <czk1997@gmail.com>
2024-01-22 11:26:36 +01:00
Alexander Schwartz
e6cd9a2987
Remove product specific content about Linux only ( #26222 )
...
Closes #26220
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-01-22 10:38:07 +01:00
dependabot[bot]
e4910b350e
Bump rollup from 4.9.5 to 4.9.6 in /js ( #26370 )
...
Bumps [rollup](https://github.com/rollup/rollup ) from 4.9.5 to 4.9.6.
- [Release notes](https://github.com/rollup/rollup/releases )
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md )
- [Commits](https://github.com/rollup/rollup/compare/v4.9.5...v4.9.6 )
---
updated-dependencies:
- dependency-name: rollup
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-22 09:07:11 +00:00
dependabot[bot]
cbd90588e4
Bump rollup ( #26371 )
...
Bumps [rollup](https://github.com/rollup/rollup ) from 4.9.5 to 4.9.6.
- [Release notes](https://github.com/rollup/rollup/releases )
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md )
- [Commits](https://github.com/rollup/rollup/compare/v4.9.5...v4.9.6 )
---
updated-dependencies:
- dependency-name: rollup
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-22 09:47:47 +01:00
dependabot[bot]
01da3db357
Bump react-i18next from 14.0.0 to 14.0.1 in /js
...
Bumps [react-i18next](https://github.com/i18next/react-i18next ) from 14.0.0 to 14.0.1.
- [Changelog](https://github.com/i18next/react-i18next/blob/master/CHANGELOG.md )
- [Commits](https://github.com/i18next/react-i18next/compare/v14.0.0...v14.0.1 )
---
updated-dependencies:
- dependency-name: react-i18next
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-01-22 09:46:59 +01:00
Erik Jan de Wit
37790c7956
Add a way to extend the UI with an Java API ( #23772 )
...
* POC to see how we could extend the UI
This is very crude and there are still open issues that need to be worked out
Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
* added saving option
Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
* added list and recreate client form
Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
* add tab ui
Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
* integrate tabs
Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
* remove examples
Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
* fixed error messages
Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
* added Feature for ui customization
Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
---------
Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
2024-01-22 08:19:58 +00:00
dependabot[bot]
96c882447d
Bump @playwright/test from 1.41.0 to 1.41.1 in /js
...
Bumps [@playwright/test](https://github.com/microsoft/playwright ) from 1.41.0 to 1.41.1.
- [Release notes](https://github.com/microsoft/playwright/releases )
- [Commits](https://github.com/microsoft/playwright/compare/v1.41.0...v1.41.1 )
---
updated-dependencies:
- dependency-name: "@playwright/test"
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-01-22 09:15:56 +01:00
dependabot[bot]
a6cef9d3af
Bump jsdom from 23.2.0 to 24.0.0 in /js
...
Bumps [jsdom](https://github.com/jsdom/jsdom ) from 23.2.0 to 24.0.0.
- [Release notes](https://github.com/jsdom/jsdom/releases )
- [Changelog](https://github.com/jsdom/jsdom/blob/main/Changelog.md )
- [Commits](https://github.com/jsdom/jsdom/compare/23.2.0...24.0.0 )
---
updated-dependencies:
- dependency-name: jsdom
dependency-type: direct:development
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-01-22 09:15:31 +01:00
dependabot[bot]
2bf805ae34
Bump i18next from 23.7.16 to 23.7.18 in /js
...
Bumps [i18next](https://github.com/i18next/i18next ) from 23.7.16 to 23.7.18.
- [Release notes](https://github.com/i18next/i18next/releases )
- [Changelog](https://github.com/i18next/i18next/blob/master/CHANGELOG.md )
- [Commits](https://github.com/i18next/i18next/compare/v23.7.16...v23.7.18 )
---
updated-dependencies:
- dependency-name: i18next
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-01-22 09:14:58 +01:00
dependabot[bot]
afbf5c6af8
Bump vite from 5.0.11 to 5.0.12 in /js
...
Bumps [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite ) from 5.0.11 to 5.0.12.
- [Release notes](https://github.com/vitejs/vite/releases )
- [Changelog](https://github.com/vitejs/vite/blob/v5.0.12/packages/vite/CHANGELOG.md )
- [Commits](https://github.com/vitejs/vite/commits/v5.0.12/packages/vite )
---
updated-dependencies:
- dependency-name: vite
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-01-22 09:14:07 +01:00
Stian Thorgersen
656e680019
Remove unused HttpResponse.setWriteCookiesOnTransactionComplete ( #26326 )
...
Closes #26325
Signed-off-by: stianst <stianst@gmail.com>
2024-01-20 11:31:10 +01:00
Martin Bartoš
98be32d9ff
Parse default UserProfile configuration in the build time
...
Closes #24890
Signed-off-by: Martin Bartoš <mabartos@redhat.com>
2024-01-19 17:05:59 -03:00
Douglas Palmer
e7d842ea32
Invalidate session secretly
...
Signed-off-by: Douglas Palmer <dpalmer@redhat.com>
2024-01-19 15:44:35 -03:00
Douglas Palmer
18d0105de0
Invalidate authentication session on repeated OTP failures
...
Closes #26177
Signed-off-by: Douglas Palmer <dpalmer@redhat.com>
2024-01-19 15:44:35 -03:00