Commit graph

24277 commits

Author SHA1 Message Date
Dmitry Telegin
854ec17fd3 - rework grant type resolution to use supports() in addition to grant type
- replace initialize() with setContext()
- use EnvironmentDependentProviderFactory instead of runtime checks
- move OAuth2GrantTypeManager to server-spi-private
- javadocs, imports, minor fixes

Signed-off-by: Dmitry Telegin <demetrio@carretti.pro>
2024-02-27 19:11:32 +09:00
Dmitry Telegin
cc9c8fe78a Use EnvironmentDependentProviderFactory for DeviceGrantType 2024-02-27 19:11:32 +09:00
Dmitry Telegin
983680ce0e OAuth 2.0 Grant Type SPI
Closes: #26250

Signed-off-by: Dmitry Telegin <demetrio@carretti.pro>
2024-02-27 19:11:32 +09:00
Erik Jan de Wit
dfd3fee95a
reset form when provider / mapperPype changes (#26971)
fixes: #26697

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
2024-02-27 10:05:24 +01:00
rmartinc
562decde35 Perform internal introspect for the access token in the account app
Closes #27243

Signed-off-by: rmartinc <rmartinc@redhat.com>
2024-02-27 09:19:20 +01:00
Hynek Mlnařík
004805e21d
Add tests for linked accounts (#27299)
Fixes: #21248

Signed-off-by: Hynek Mlnarik <hmlnarik@redhat.com>
2024-02-27 07:15:23 +01:00
Oliver
bf89d53134
Show display name in realm selector (#27259)
Solves #17735

Signed-off-by: Oliver Cremerius <antikalk@users.noreply.github.com>
2024-02-26 14:04:38 +01:00
Alexander Schwartz
516d86cda6
Upgrade to Infinispan 14.0.25 (#27288)
Closes #27280

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-02-26 13:59:10 +01:00
dependabot[bot]
bb9146edcf
Bump aquasecurity/trivy-action from 0.16.1 to 0.17.0 (#26845)
Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) from 0.16.1 to 0.17.0.
- [Release notes](https://github.com/aquasecurity/trivy-action/releases)
- [Commits](d43c1f16c0...84384bd6e7)

---
updated-dependencies:
- dependency-name: aquasecurity/trivy-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-02-26 09:56:32 -03:00
Hynek Mlnarik
7b384280b6 Tests for applications page
Fixes: #21249

Signed-off-by: Hynek Mlnarik <hmlnarik@redhat.com>
2024-02-26 13:24:06 +01:00
Michal Hajas
eadd1c45c4
Document using AWS JDBC Wrapper in HA guide
Closes #27211

Signed-off-by: Michal Hajas <mhajas@redhat.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
2024-02-26 12:15:04 +00:00
kaustubh-rh
03f6cda85a
Prevent user from removing built-in client scopes (#27134)
Closes #26937

Signed-off-by: Kaustubh B <kbawanka@redhat.com>
2024-02-26 11:16:23 +01:00
Gilvan Filho
83af01c4c0 Add failedLoginNotBefore to AttackDetectionResource
Closes #17574

Signed-off-by: Gilvan Filho <gfilho@redhat.com>
2024-02-26 09:35:51 +01:00
Peter Keuter
fb262a05d9
Set the selected locale to default realm locale when creating a user (#27163)
* fix: set the selected locale to default realm locale when creating a user

Signed-off-by: Peter Keuter <github@peterkeuter.nl>

* Update js/apps/admin-ui/src/user/CreateUser.tsx

Co-authored-by: Erik Jan de Wit <edewit@redhat.com>
Signed-off-by: Peter Keuter <github@peterkeuter.nl>

* fix: check if defaultLocale is set

Signed-off-by: Peter Keuter <github@peterkeuter.nl>

* chore: implement proposed change

Signed-off-by: Peter Keuter <github@peterkeuter.nl>

---------

Signed-off-by: Peter Keuter <github@peterkeuter.nl>
Co-authored-by: Erik Jan de Wit <edewit@redhat.com>
2024-02-26 09:19:29 +01:00
Jon Koops
a2343740c8
Only run Husky scripts when installed (#27229)
Signed-off-by: Jon Koops <jonkoops@gmail.com>
2024-02-26 09:18:16 +01:00
dependabot[bot]
1277ab4363 Bump @types/react from 18.2.57 to 18.2.58 in /js
Bumps [@types/react](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/react) from 18.2.57 to 18.2.58.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/react)

---
updated-dependencies:
- dependency-name: "@types/react"
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-02-26 08:48:47 +01:00
Erik Jan de Wit
f023314d52
added better default (#27196)
fixes: #27173

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
2024-02-26 08:35:06 +01:00
dependabot[bot]
0dadc08e2b Bump eslint from 8.56.0 to 8.57.0 in /js
Bumps [eslint](https://github.com/eslint/eslint) from 8.56.0 to 8.57.0.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v8.56.0...v8.57.0)

---
updated-dependencies:
- dependency-name: eslint
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-02-26 07:54:22 +01:00
dependabot[bot]
b8a709b77f Bump @types/chai from 4.3.11 to 4.3.12 in /js
Bumps [@types/chai](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/chai) from 4.3.11 to 4.3.12.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/chai)

---
updated-dependencies:
- dependency-name: "@types/chai"
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-02-26 07:54:03 +01:00
dependabot[bot]
085632aa6a
Bump lightningcss from 1.23.0 to 1.24.0 in /js (#27252)
Bumps [lightningcss](https://github.com/parcel-bundler/lightningcss) from 1.23.0 to 1.24.0.
- [Release notes](https://github.com/parcel-bundler/lightningcss/releases)
- [Commits](https://github.com/parcel-bundler/lightningcss/commits)

---
updated-dependencies:
- dependency-name: lightningcss
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-02-26 01:17:14 +00:00
dependabot[bot]
53a9eb1d42
Bump vite-plugin-lib-inject-css from 1.3.0 to 2.0.0 in /js (#27250)
Bumps [vite-plugin-lib-inject-css](https://github.com/emosheeep/vite-plugin-lib-inject-css) from 1.3.0 to 2.0.0.
- [Release notes](https://github.com/emosheeep/vite-plugin-lib-inject-css/releases)
- [Changelog](https://github.com/emosheeep/vite-plugin-lib-inject-css/blob/master/CHANGELOG.md)
- [Commits](https://github.com/emosheeep/vite-plugin-lib-inject-css/commits/vite-plugin-lib-inject-css@2.0.0)

---
updated-dependencies:
- dependency-name: vite-plugin-lib-inject-css
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-02-23 10:08:13 +00:00
dependabot[bot]
20d0c59e44
Bump i18next from 23.9.0 to 23.10.0 in /js (#27248)
Bumps [i18next](https://github.com/i18next/i18next) from 23.9.0 to 23.10.0.
- [Release notes](https://github.com/i18next/i18next/releases)
- [Changelog](https://github.com/i18next/i18next/blob/master/CHANGELOG.md)
- [Commits](https://github.com/i18next/i18next/compare/v23.9.0...v23.10.0)

---
updated-dependencies:
- dependency-name: i18next
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-02-23 10:07:58 +00:00
dependabot[bot]
c7b858bd42
Bump cypress from 13.6.4 to 13.6.6 in /js (#27249)
Bumps [cypress](https://github.com/cypress-io/cypress) from 13.6.4 to 13.6.6.
- [Release notes](https://github.com/cypress-io/cypress/releases)
- [Changelog](https://github.com/cypress-io/cypress/blob/develop/CHANGELOG.md)
- [Commits](https://github.com/cypress-io/cypress/compare/v13.6.4...v13.6.6)

---
updated-dependencies:
- dependency-name: cypress
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-02-23 10:48:32 +01:00
dependabot[bot]
5ae299caf4
Bump @types/node from 20.11.19 to 20.11.20 in /js (#27251)
Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 20.11.19 to 20.11.20.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

---
updated-dependencies:
- dependency-name: "@types/node"
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-02-23 10:48:08 +01:00
Erik Jan de Wit
d03890263e
use the right context (#27237)
fixes: #27234

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
2024-02-23 07:24:57 +00:00
graziang
cecce40aa5 Avoid regenerating the totpSecret on every reload of the OTP configuration page
Using an auth note to store the totpSecret and passing its value in the TotpBean constructor to keep the totpSecret on page reload

Closes #26052

Signed-off-by: graziang <g.graziano94@gmail.com>
2024-02-22 19:09:09 +01:00
Václav Muzikář
35537d6289
Upgrade to Quarkus 3.7.4 (#27231)
Closes #27226

Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>
2024-02-22 12:42:46 -03:00
Peter Keuter
0960114c03
Check if registrationEmailAsUsername is explicitly set to false (#27139)
Closes #27137

Signed-off-by: Peter Keuter <github@peterkeuter.nl>
2024-02-22 15:58:04 +01:00
dependabot[bot]
f95bfdf498
Bump i18next-http-backend from 2.4.3 to 2.5.0 in /js (#27217)
Bumps [i18next-http-backend](https://github.com/i18next/i18next-http-backend) from 2.4.3 to 2.5.0.
- [Changelog](https://github.com/i18next/i18next-http-backend/blob/master/CHANGELOG.md)
- [Commits](https://github.com/i18next/i18next-http-backend/compare/v2.4.3...v2.5.0)

---
updated-dependencies:
- dependency-name: i18next-http-backend
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-02-22 14:22:23 +00:00
Pedro Igor
b98e115183 Updating docs and account message
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2024-02-22 22:58:22 +09:00
dependabot[bot]
510f0beb71
Bump vite-plugin-dts from 3.7.2 to 3.7.3 in /js (#27218)
Bumps [vite-plugin-dts](https://github.com/qmhc/vite-plugin-dts) from 3.7.2 to 3.7.3.
- [Release notes](https://github.com/qmhc/vite-plugin-dts/releases)
- [Changelog](https://github.com/qmhc/vite-plugin-dts/blob/main/CHANGELOG.md)
- [Commits](https://github.com/qmhc/vite-plugin-dts/compare/v3.7.2...v3.7.3)

---
updated-dependencies:
- dependency-name: vite-plugin-dts
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-02-22 14:39:13 +01:00
Pedro Igor
604274fb76 Allow setting an attribute as multivalued
Closes #23539

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>

Co-authored-by: Jon Koops <jonkoops@gmail.com>
Co-authored-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
2024-02-22 12:56:44 +01:00
Takashi Norimatsu
1e12b15890 Supporting OAuth 2.1 for public clients
closes #25316

Co-authored-by: shigeyuki kabano <shigeyuki.kabano.sj@hitachi.com>
Signed-off-by: Takashi Norimatsu <takashi.norimatsu.ws@hitachi.com>
2024-02-22 10:57:29 +01:00
dependabot[bot]
17a4902c4a Bump vite from 5.1.3 to 5.1.4 in /js
Bumps [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) from 5.1.3 to 5.1.4.
- [Release notes](https://github.com/vitejs/vite/releases)
- [Changelog](https://github.com/vitejs/vite/blob/main/packages/vite/CHANGELOG.md)
- [Commits](https://github.com/vitejs/vite/commits/v5.1.4/packages/vite)

---
updated-dependencies:
- dependency-name: vite
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-02-22 09:40:31 +01:00
Douglas Palmer
b0ef746f39 Permanently lock users out after X temporary lockouts during a brute force attack
Closes #26172

Signed-off-by: Douglas Palmer <dpalmer@redhat.com>
2024-02-22 09:34:51 +01:00
Takashi Norimatsu
9ea679ff35 Supporting OAuth 2.1 for confidential clients
closes #25314

Co-authored-by: shigeyuki kabano <shigeyuki.kabano.sj@hitachi.com>
Signed-off-by: Takashi Norimatsu <takashi.norimatsu.ws@hitachi.com>
2024-02-22 08:34:21 +01:00
Sebastian Schuster
5e34769ee0 27031 ReadOnlyAttributeUnchangedValidator logs validation errors on debug not warning
Signed-off-by: Sebastian Schuster <sebastian.schuster@bosch.io>
2024-02-22 08:24:08 +09:00
Alexander Schwartz
25f2b52afd Remove the preview note from Keycloak's HA guide
Closes #27084

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-02-21 19:59:15 +01:00
Jon Koops
89af9e3ffd
Write announcement and documentation for Account Console v3 (#26318)
Closes #26122

Signed-off-by: Jon Koops <jonkoops@gmail.com>
2024-02-21 13:42:33 -05:00
Peter Keuter
01d66a662b
Expose display name and locales when user has ANY admin role (#27160)
* chore: expose display name and locales when user has view-realm

Signed-off-by: Peter Keuter <github@peterkeuter.nl>

* fix: supportedlocales are available as stream

Signed-off-by: Peter Keuter <github@peterkeuter.nl>

* fix: tests

Signed-off-by: Peter Keuter <github@peterkeuter.nl>

* fix: remove unnecessarily added ignore

Signed-off-by: Peter Keuter <github@peterkeuter.nl>

---------

Signed-off-by: Peter Keuter <github@peterkeuter.nl>
2024-02-21 13:30:31 -05:00
Steven Hawkins
daa6cf5951
fix: waiting more time for the log to appear (#27208)
closes: #26790

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
2024-02-21 16:48:30 +00:00
Alexander Schwartz
5f56a9b356
Keycloak users should not need to understand the depths of Quarkus configuration to implement Keycloak HA (#27122)
Closes #27121

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-02-21 13:49:14 +01:00
Alexander Schwartz
3b6886d970
Add warning about too long attribute values as it can exhaust caches (#27126)
Closes #27125

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2024-02-21 13:47:58 +01:00
Václav Muzikář
33425dacd9
Add proxy-headers option to the Keycloak CR (#27092)
Closes #25179

Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>
2024-02-21 12:19:37 +01:00
Pedro Igor
37805ffbb2 fixing typo in bug template 2024-02-21 20:10:07 +09:00
graziang
d13dc57a29 Removing duplicate claims in action tokens
Using variables instead of otherClaims map for claims in action tokens to avoid duplicate claims in the jwt payload

Closes #24980

Signed-off-by: graziang <g.graziano94@gmail.com>
2024-02-21 11:30:49 +01:00
Peter Keuter
bc7a0e2de1
Implement overriding description from properties (#27187)
* feat: implement overriding description from properties

Signed-off-by: Peter Keuter <github@peterkeuter.nl>

* fix: use correct replacement

Signed-off-by: Peter Keuter <github@peterkeuter.nl>

---------

Signed-off-by: Peter Keuter <github@peterkeuter.nl>
2024-02-21 11:06:36 +01:00
Václav Muzikář
de60c9b469
Tweak the default memory request and limit in the Operator (#27170)
Closes #27169

Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>
2024-02-21 10:03:17 +01:00
Ricardo Martin
3bc074913e
Allow LDAP provider to search using any attribute configured via mappers (#26235)
Closes #22436

Signed-off-by: rmartinc <rmartinc@redhat.com>
2024-02-21 08:48:39 +00:00
Steven Hawkins
7ea595d27b
fix: address test failure by using the previous log (#27172)
closes: #26790

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
2024-02-20 18:09:51 +00:00