Commit graph

22331 commits

Author SHA1 Message Date
Martin Kanis
5730b54ac7 keycloak-server from testsuite won't start
Closes #20920
2023-06-12 13:22:21 +02:00
rmartinc
f3fcf1f8c5 Session cross-reference / transaction mismatch
Closes https://github.com/keycloak/keycloak/issues/20855
2023-06-12 13:18:39 +02:00
Erik Jan de Wit
4b3733de2e
little wrapper around the time selector (#20881)
this makes it easier to use
2023-06-12 12:53:29 +02:00
Erik Jan de Wit
c771890da8
added test saml advanced tab (#20880) 2023-06-12 12:52:45 +02:00
Erik Jan de Wit
9c9cd4cf21
increased policy row with (#20816)
fixes: #20674
2023-06-12 12:51:37 +02:00
Erik Jan de Wit
e750ad71de
added fix for url encoded paths (#20813)
fixes: #20782
2023-06-12 12:51:19 +02:00
Erik Jan de Wit
911663b65c
use admin client instead of fetch (#20774) 2023-06-12 12:50:53 +02:00
Erik Jan de Wit
db315b59f6
use ui ext groups endpoint (#20772)
so that we have filtering for fine grained groups
fixes: https://github.com/keycloak/keycloak/issues/19655#issuecomment-1573350358
2023-06-12 12:50:26 +02:00
Erik Jan de Wit
a61b1e7fb2
use id instead of name (#20717)
fixes: #20694
2023-06-12 12:50:03 +02:00
Erik Jan de Wit
8d2dbbe6ad
added missing "allow ecp flow" field (#20713)
fixes: #20673
2023-06-12 12:46:03 +02:00
Vlasta Ramik
ed473da22b
Clean-up of deprecated methods and interfaces
Fixes #20877

Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
2023-06-09 17:11:20 +00:00
Rinus Wiskerke
fbfdb54745
Strip rotated client secret from export json (#19394)
Closes #19373
2023-06-09 10:46:28 +02:00
André
fbb758216f
Fixes the links to the REST api documentation (#20858)
Closes #20700
2023-06-08 14:11:52 -04:00
Steven Hawkins
91a3ab6b87
expands the status handling to account for the prior status (#20856)
Closes #20853
2023-06-08 17:09:39 +02:00
rmartinc
61968bf747 Use OIDCAttributeMapperHelper.mapClaim in the GroupMembershipMapper
Closes https://github.com/keycloak/keycloak/issues/19767
2023-06-08 11:12:24 -03:00
Réda Housni Alaoui
eb9bb281ec Require user to agree to 'terms and conditions' during registration 2023-06-08 10:39:00 -03:00
Marek Posolda
8080085cc1
Removing 'http challenge' authentication flow and related authenticators (#20731)
closes #20497


Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
2023-06-08 14:52:34 +02:00
Alexander Schwartz
4d0fa6796f
Upgrade to Infinispan 14.0.10.Final (#20804)
Closing #20803
2023-06-08 10:43:22 +02:00
Hynek Mlnarik
12dd3edb10 Fix pagination issue with H6
With Hibernate ORM 6, pagination started to be unreliable: When
setting the max results only if the first row was 0 has randomly
affected other threads where first row was greater than 0. The
latter thread sometimes produced query which did *not* account
for the offset (cf. threads `-t1` and `-t2` below, while `-t2`
missed the `offset ? rows` part whic `-t3` has).

This has been fixed by setting the first row offset unconditionally.

Closes: #20202
Closes: #16570

```
2023-06-02 10:19:03.855000 TRACE [org.keycloak.models.sessions.infinispan.initializer.SessionInitializerWorker] (blocking-thread-node-2-p8-t1) Running computation for segment 0 with worker 0
2023-06-02 10:19:03.856000 TRACE [org.keycloak.models.sessions.infinispan.initializer.OfflinePersistentUserSessionLoader] (blocking-thread-node-2-p8-t1) Loading sessions for segment=0 lastSessionId=00000000-0000-0000-0000-000000000000 first=0
2023-06-02 10:19:03.856000 DEBUG [org.keycloak.models.jpa.PaginationUtils] (blocking-thread-node-2-p8-t1) Set max to 64 in org.hibernate.query.sqm.internal.QuerySqmImpl@2fb60f8b
2023-06-02 10:19:03.856000 DEBUG [org.keycloak.models.jpa.PaginationUtils] (blocking-thread-node-2-p8-t1) After pagination: 0, 64
2023-06-02 10:19:03.857000 TRACE [org.keycloak.models.sessions.infinispan.initializer.SessionInitializerWorker] (blocking-thread-node-2-p8-t2) Running computation for segment 1 with worker 1
2023-06-02 10:19:03.857000 TRACE [org.keycloak.models.sessions.infinispan.initializer.OfflinePersistentUserSessionLoader] (blocking-thread-node-2-p8-t2) Loading sessions for segment=1 lastSessionId=00000000-0000-0000-0000-000000000000 first=64
2023-06-02 10:19:03.857000 TRACE [org.keycloak.models.sessions.infinispan.initializer.SessionInitializerWorker] (blocking-thread-node-2-p8-t3) Running computation for segment 2 with worker 2
2023-06-02 10:19:03.857000 DEBUG [org.keycloak.models.jpa.PaginationUtils] (blocking-thread-node-2-p8-t2) Set first to 64 in org.hibernate.query.sqm.internal.QuerySqmImpl@71464e9f
2023-06-02 10:19:03.857000 DEBUG [org.keycloak.models.jpa.PaginationUtils] (blocking-thread-node-2-p8-t2) Set max to 64 in org.hibernate.query.sqm.internal.QuerySqmImpl@71464e9f
2023-06-02 10:19:03.857000 DEBUG [org.keycloak.models.jpa.PaginationUtils] (blocking-thread-node-2-p8-t2) After pagination: 64, 64
2023-06-02 10:19:03.857000 TRACE [org.keycloak.models.sessions.infinispan.initializer.OfflinePersistentUserSessionLoader] (blocking-thread-node-2-p8-t3) Loading sessions for segment=2 lastSessionId=00000000-0000-0000-0000-000000000000 first=128
10:19:03,859 DEBUG [org.hibernate.SQL] (blocking-thread-node-2-p8-t1)
    select
        p1_0.OFFLINE_FLAG,
        p1_0.USER_SESSION_ID,
        p1_0.CREATED_ON,
        p1_0.DATA,
        p1_0.LAST_SESSION_REFRESH,
        p1_0.REALM_ID,
        p1_0.USER_ID
    from
        OFFLINE_USER_SESSION p1_0,
        REALM r1_0
    where
        r1_0.ID=p1_0.REALM_ID
        and p1_0.OFFLINE_FLAG=?
        and p1_0.USER_SESSION_ID>?
    order by
        p1_0.USER_SESSION_ID fetch first ? rows only
10:19:03,859 DEBUG [org.hibernate.SQL] (blocking-thread-node-2-p8-t2)
    select
        p1_0.OFFLINE_FLAG,
        p1_0.USER_SESSION_ID,
        p1_0.CREATED_ON,
        p1_0.DATA,
        p1_0.LAST_SESSION_REFRESH,
        p1_0.REALM_ID,
        p1_0.USER_ID
    from
        OFFLINE_USER_SESSION p1_0,
        REALM r1_0
    where
        r1_0.ID=p1_0.REALM_ID
        and p1_0.OFFLINE_FLAG=?
        and p1_0.USER_SESSION_ID>?
    order by
        p1_0.USER_SESSION_ID fetch first ? rows only
2023-06-02 10:19:03.860000 TRACE [org.hibernate.orm.jdbc.bind] (blocking-thread-node-2-p8-t1) binding parameter [1] as [VARCHAR] - [1]
2023-06-02 10:19:03.860000 TRACE [org.hibernate.orm.jdbc.bind] (blocking-thread-node-2-p8-t1) binding parameter [2] as [VARCHAR] - [00000000-0000-0000-0000-000000000000]
2023-06-02 10:19:03.860000 TRACE [org.hibernate.orm.jdbc.bind] (blocking-thread-node-2-p8-t1) binding parameter [3] as [INTEGER] - [64]
10:19:03,860 DEBUG [org.hibernate.SQL] (blocking-thread-node-2-p8-t3)
    select
        p1_0.OFFLINE_FLAG,
        p1_0.USER_SESSION_ID,
        p1_0.CREATED_ON,
        p1_0.DATA,
        p1_0.LAST_SESSION_REFRESH,
        p1_0.REALM_ID,
        p1_0.USER_ID
    from
        OFFLINE_USER_SESSION p1_0,
        REALM r1_0
    where
        r1_0.ID=p1_0.REALM_ID
        and p1_0.OFFLINE_FLAG=?
        and p1_0.USER_SESSION_ID>?
    order by
        p1_0.USER_SESSION_ID offset ? rows fetch first ? rows only
2023-06-02 10:19:03.861000 TRACE [org.hibernate.orm.jdbc.bind] (blocking-thread-node-2-p8-t3) binding parameter [3] as [INTEGER] - [128]
2023-06-02 10:19:03.861000 TRACE [org.hibernate.orm.jdbc.bind] (blocking-thread-node-2-p8-t3) binding parameter [4] as [INTEGER] - [64]
```

Co-authored-by: mkanis <mkanis@redhat.com>
2023-06-07 20:45:34 +02:00
Miquel Simon
7e95d57faa Add Migration Tests to CI workflow 2023-06-07 19:43:48 +02:00
Steven Hawkins
075d913037
enabling keycloak to be a scalable resource (#20828)
Closes #20825
2023-06-07 17:57:25 +02:00
Saman-jafari
31db84e924 fix: issuedFor added to token to get client id into the token also redirect uri added to token and then passed to info template for "back to application" functionality
test also added to check the availability of issueFor(azp) and redirect uri in Action
Fixes #14860
Fixes #15136
2023-06-07 12:19:46 -03:00
Zvi Grinberg
ace83231ee Update RegexPolicyTest.java
Add forgotten imports
2023-06-07 10:18:10 -03:00
Zvi Grinberg
b29ce53f6e Fix bug in regex policy evaluation that it ignored flatted user claims that are mapped by protocol mappers to complex JSON structure in access token( in the access token JWT it's key and value is a JSON by itself)
fixes: #20436
Signed-off-by: Zvi Grinberg <zgrinber@redhat.com>
2023-06-07 10:18:10 -03:00
Steven Hawkins
d77041f177
mostly updating the logic to newer fabric8 apis (#20825)
Closes #20822
2023-06-07 14:58:39 +02:00
Vlasta Ramik
3b2dea64ac
Remove duplicated and unused PersistenceExceptionConverter (#20844)
Closes #20842
2023-06-07 14:46:36 +02:00
Peter Zaoral
f4cc6d7b76 Update the docs
* updated the release notes
* updated the FIPS guide

Signed-off-by: Peter Zaoral <pzaoral@redhat.com>
2023-06-07 09:23:12 -03:00
Alice Wood
7e56938b74 Extend group search attribute functionality to account for use case where only the leaf group is required 2023-06-07 08:52:23 -03:00
rmartinc
9bc30f4705 EventBuilder fixes to copy the store and session context
Closes https://github.com/keycloak/keycloak/issues/20757
Closes https://github.com/keycloak/keycloak/issues/20105
2023-06-07 08:34:27 -03:00
Jon Koops
9a8d1ca1f3
Stop waiting page load when calling assertCurrent() (#20786) 2023-06-07 13:13:46 +02:00
ComplexSpaces
1af4a7a532
Pass webauthn signature algorithm IDs as integers instead of strings (#20832)
closes #20831
2023-06-07 11:46:16 +02:00
Martin Bartoš
bea8778683 Use new method for obtaining DB dialect 2023-06-07 10:14:34 +02:00
Pedro Hos
9ebd94a3a8 Userinfo endpoint doesn't accept charset #20671
Closes 20671
2023-06-07 08:08:05 +02:00
Bruno Sanches
ecf4dbfb18
Check if formData is empty before putting login hint (#20733)
closes keycloak#20732
2023-06-06 17:14:08 -04:00
Václav Muzikář
0c2ac4f776
Remove mentions of temporary support for Java EE Admin Client (#20807) 2023-06-06 15:39:56 -03:00
Jon Koops
fcd2a5138d
Update dependencies to latest version (#20788) 2023-06-06 12:35:06 -04:00
Václav Muzikář
989ffe2d22
Remove Fabric8 override from the Operator (#20728)
Closes #20130
2023-06-06 13:58:20 +00:00
Artur Baltabayev
041441f48f
Improved Reset OTP authenticator (#20572)
* ResetOTP authenticator can now be configured, so that one or all existing OTP configurations are deleted upon reset.

Closes #8753
---------

Co-authored-by: bal1imb <Artur.Baltabayev@bosch.com>
2023-06-06 08:30:44 -03:00
Erik Jan de Wit
cbed5849f5
join title and expand section together (#20590)
* join title and expand section together

fixes: #20329

* but expandable inside <li>
2023-06-06 07:33:02 +02:00
Steven Hawkins
d045156ba4
Adding the ability to set ingressClassName (#20796)
Closes #20723
2023-06-05 21:10:39 +00:00
dependabot[bot]
d5ef798cac
Bump github/codeql-action from 2.3.3 to 2.3.6 (#20765)
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.3.3 to 2.3.6.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/v2.3.6/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/v2.3.3...v2.3.6)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-05 17:28:02 -03:00
rmartinc
81aa588ddc Fix and correlate session timeout calculations in legacy and new map implementations
Closes https://github.com/keycloak/keycloak/issues/14854
Closes https://github.com/keycloak/keycloak/issues/11990
2023-06-05 18:46:23 +02:00
Jon Koops
8eee3f434b
Fix test for brute force detection of recovery codes (#20784) 2023-06-05 11:55:30 -04:00
Alexander Schwartz
2b16fda3a1
Setting ParallelGC as the default garbage collector (#20606)
Closing #20568
2023-06-05 17:48:28 +02:00
rmartinc
d80094793b Manage elytron configuration if configured for JDK-17
Closes https://github.com/keycloak/keycloak/issues/20385
2023-06-05 13:50:28 +02:00
Stan Silvert
d89679e62d
theme.properties customizations for account v3 (#20450)
* theme.properties customizations for account v3
Fixes #20200

* theme.properties customizations for account v3
Fixes #20200

* Get rid of conditional hook

* Fix linting.

* Update js/apps/account-ui/src/root/Root.tsx

Co-authored-by: Jon Koops <jonkoops@gmail.com>

* Update js/apps/account-ui/src/environment.ts

Co-authored-by: Jon Koops <jonkoops@gmail.com>

---------

Co-authored-by: Jon Koops <jonkoops@gmail.com>
2023-06-05 07:50:15 -04:00
Jon Koops
7ce96bb6d5
Remove workaround for legacy consoles from waitForPageToLoad (#20754) 2023-06-05 07:48:08 -04:00
Azarchaniel
381b9a7fd4
Fixed Slovak translations for plurals - seconds, minutes, hours, days (#20748)
Closes #20742
2023-06-05 09:59:06 +00:00
Alexander Schwartz
cd9e0be9f0 Filter first, then sort, and avoid atomics
Closes #20394
2023-06-05 11:23:54 +02:00
Stan Silvert
b63fccb062
Fix required getting toggled on when creating new UP attribute. (#20735)
Fixes #20536
2023-06-02 16:12:47 -04:00