Commit graph

839 commits

Author SHA1 Message Date
Jean-Francois Denise
203eb3421a Add Galleon layer metadata to the SAML Galleon feature-pack
Signed-off-by: Jean-Francois Denise <jdenise@redhat.com>
2023-11-22 10:56:27 +01:00
Václav Muzikář
3bc7ef7ed5
Update to Quarkus 3.2.9 (#24842)
Closes #24841
Closes #24160

Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>
Co-authored-by: Bruno Oliveira da Silva <bruno@abstractj.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
2023-11-20 14:27:13 +01:00
Martin Bartoš
fd56666334 SAML ECP does not work on the latest WF/EAP8
Fixes #24746

Signed-off-by: Martin Bartoš <mabartos@redhat.com>
2023-11-16 21:17:19 +01:00
vramik
6fa26d7ff4 Delete map dependencies from dependency management
Closes #24101
2023-11-08 13:53:17 +01:00
Peter Skopek
e5eded0eab
Add possibility to override fileName and base directory of Keycloak Quarkus distribution ZIP archive (#24284)
Closes #24283

Signed-off-by: Peter Skopek <pskopek@redhat.com>
2023-11-07 10:31:58 +01:00
Bruno Oliveira da Silva
599cc41715 CVE-2023-44483 - Insertion of Sensitive Information into Log File vulnerability in org.apache.santuario:xmlsec
Closes #24224
2023-10-31 10:51:03 +01:00
Bruno Oliveira da Silva
8df561c675 CVE-2023-4586 - Hot Rod client does not enable hostname validation when using TLS that lead to a MITM attack
A vulnerability was found in the Hot Rod client. This security issue
occurs as the Hot Rod client does not enable hostname validation when
using TLS, possibly resulting in a man-in-the-middle (MITM) attack.

Closes #24328

Signed-off-by: Bruno Oliveira da Silva <bruno@abstractj.com>
2023-10-30 15:57:53 +01:00
Jon Koops
5464205ab2
Cache Node.js installation and PNPM store
Closes #23695
2023-10-30 07:50:06 -04:00
Martin Bartoš
9627187447
Adapter tests failing with Jakarta error (#24177)
Fixes #24176
2023-10-24 10:11:48 -04:00
Bruno Oliveira da Silva
b05b575646
CVE-2023-44487 Denial of Service (DoS) vulnerability in io.netty (#24115)
Closes #23949
2023-10-20 09:13:27 +02:00
Stefan Guilhen
a4073bae46 Upgrade H2 to 2.2.224
Closes #24064
2023-10-18 18:09:49 +02:00
Sophie Tauchert
9df1c781eb Fix generated OpenAPI spec
Changes:
- update the smallrye openapi generator plugin to latest to correctly handle
  Stream<T> responses
- add annotations to RealmRepresentation.clientProfiles and .clientPolicies
2023-10-10 11:41:46 +02:00
vramik
7f2f4aae67 Upgrade liquibase version to avoid a bug where a changeset is executed twice
Closes #23220
2023-10-05 13:35:05 +02:00
Alex Szczuczko
7953085ed2
Fix set-version.sh's handling of NPM versions (#23638)
This introduces a maven property, `project.version.npm`, to allow maven to know what NPM version is, in scenarios that it's not identical to `project.version`. This occurs when the set-version's semver translation code is activated

Closes #23635
2023-10-04 08:00:53 +02:00
rmartinc
7afd90982d Align wildfly-core and wildfly version for tests
Closes https://github.com/keycloak/keycloak/issues/23342
2023-09-21 10:53:57 +02:00
Václav Muzikář
07bd6a3983
Upgrade to Quarkus 3.2.6 (#23281)
Closes #23280
2023-09-15 13:46:43 +02:00
Pedro Igor
63fc38ca1f
Marking wildfly-common as compile scope (#23105) 2023-09-11 16:08:32 +02:00
Alexander Schwartz
93a80e9278
Upgrade to Infinispan 14.0.17 (#23097)
Closes #23046
2023-09-08 17:26:40 +02:00
Alexander Schwartz
2eb37dbe4f Remove MS SQL JDBC driver from the Keycloak product
Closes #22983
2023-09-07 15:30:34 +02:00
Peter Skopek
35c2d52a54 Set distinct wildfly-common versions for Quarkus and WildFly based modules
Signed-off-by: Peter Skopek <pskopek@redhat.com>
2023-09-07 13:32:25 +02:00
Peter Skopek
bca5fe8051 Tidy up SAML Adapter Galleon Feature Pack build
Signed-off-by: Peter Skopek <pskopek@redhat.com>
2023-09-07 13:32:25 +02:00
Farah Juma
ec08a7bb73 Update the Keycloak SAML adapter subsystem to no longer use the AttributeDefinition#getAttributeMarshaller method
Closes https://github.com/keycloak/keycloak/issues/22593

Signed-off-by: Peter Skopek <pskopek@redhat.com>
2023-09-07 13:32:25 +02:00
Peter Skopek
ef272f7668 SAML Adapter fix for EAP8 and WF29
Signed-off-by: Peter Skopek <pskopek@redhat.com>
2023-09-07 13:32:25 +02:00
Peter Skopek
c92d10c750 Remove org.jetbrains:annotations:jar from server distribution. (#23015)
Signed-off-by: Peter Skopek <pskopek@redhat.com>
2023-09-06 22:24:00 +02:00
Alexander Schwartz
71fa95721d
Upgrade to Infinispan 14.0.16 (#22945)
Closes #22932
2023-09-05 10:08:46 +02:00
Alexander Schwartz
65a3af8a1e
Upgrade to Infinispan 14.0.15.Final (#22887)
Closes #22855
2023-09-01 17:59:42 +02:00
Václav Muzikář
34348157ce
Upgrade to Quarkus 3.2.5.Final (#22746)
* Upgrade to Quarkus 3.2.5.Final
* Update K8s version

Closes #22745
2023-08-30 09:36:35 +02:00
Jon Koops
94f41444f4
Bump Node.js and PNPM versions (#22796) 2023-08-29 14:54:49 -04:00
Václav Muzikář
27b23ccefb
Upgrade to Quarkus 3.2.4.Final (#22419)
Closes #22418
2023-08-16 16:30:16 +02:00
Peter Skopek
ec2728c55c Update webauth4j to 0.21.5.RELEASE
Closes #22464
2023-08-16 10:21:18 -03:00
Alexander Schwartz
dfc8c80264
Upgrade to Infinispan 14.0.14 (#22386)
Closes #21092
2023-08-16 14:43:03 +02:00
Václav Muzikář
4b537bee42 Upgrade to Quarkus 3.2.3
Closes #22220
2023-08-04 14:51:26 +02:00
Václav Muzikář
ecdf8e897f
Upgrade to Quarkus 3.2.2.Final (#21912)
Closes #21907
2023-07-26 16:20:23 +02:00
Alexander Schwartz
7c9593f88a
Upgrade Infinispan to 14.0.13.Final (#21565)
Closes #21564
2023-07-20 16:59:19 +00:00
Václav Muzikář
776bcbcbd4
Update bcpkix and bcprov dependencies (#21543)
Closes #21360
2023-07-20 11:57:18 +02:00
Bruno Oliveira da Silva
ebf878e1f0
CVE-2022-45868 H2 Cleartext Storage of Sensitive Information (#21568)
Closes #21567
2023-07-11 08:09:24 +02:00
Václav Muzikář
97a37f565e
Align guava dependency with the Quarkus Platform BOM (#21544)
Closes #21364
2023-07-10 16:13:13 +02:00
Bruno Oliveira da Silva
ebc9e9f4ef CVE-2023-21971 - Update Connector/J to 8.0.33
Updates to the library name to align with the changes here:
- https://dev.mysql.com/doc/relnotes/connector-j/8.0/en/news-8-0-31.html

Closes #21199
2023-07-07 20:48:38 +02:00
Gregor Tudan
4517ef5d7e
Bump Freemarker to Version 2.3.32. (#16866)
Co-authored-by: Bruno Oliveira da Silva <bruno@abstractj.com>
2023-07-07 10:40:59 -03:00
Peter Zaoral
2b1c29a6f2 Use Quarkus Platform BOM
Closes #20570
Closes #15870

Co-authored-by: Peter Zaoral <pzaoral@redhat.com>
2023-07-06 12:45:48 -03:00
Alexander Schwartz
3f1553c6cb Referencing information in pom.xml for the list of tested databases
Closes: #21349
2023-07-06 11:39:11 -03:00
Miquel Simon
e1eb5146a6 Closes #20226 and #20227. Upgrade ojdbc11 version due to CVE-2022-21510 and CVE-2022-21511. 2023-07-06 13:27:39 +02:00
Miquel Simon
9513cbbca0
Upgrade nexus staging maven plugin version (#21428)
Closes #21427
2023-07-04 11:00:04 +00:00
mposolda
0ea2891eee Remove support for OpenJDK 11 on the server side
closes #15014
2023-07-03 13:12:22 -03:00
Václav Muzikář
8db6f8185b Upgrade to Quarkus 3.2.0.Final and QOSDK 6.2.0
Closes #21272
2023-07-03 08:11:18 -03:00
Václav Muzikář
ad988ca914 Upgrade to Quarkus 3.2.0.Final and QOSDK 6.2.0
Closes #21272
2023-07-03 08:11:18 -03:00
Miquel Simon
83d043e7a8
Upgrade supported and tested version of Postgresql to 15 in order to match supported configuration for Keycloak 22. (#21333)
Closes #21338
2023-06-30 11:29:06 +00:00
Joshua Sorah
f695eeaa44 Refactor Admin REST API Documentation to use OpenAPI annotations.
Removes dependencies on swagger-doclet
Adds dependencies on microprofile-openapi-api
Plugins for smallrye-open-api-maven-plugin, openapi-generator-maven-plugin

Customized ascii doc template for openapi-generator-maven-plugin, to give similar feel to previous documentation.

OpenAPI annotations added to Admin REST API resources.

Closes keycloak/keycloak#20433
2023-06-29 17:03:38 +02:00
Bruno Oliveira da Silva
67c64c37df Guava vulnerable to insecure use of temporary directory
Closes #21079
2023-06-23 11:50:17 -03:00
Bruno Oliveira da Silva
4103ec58d8 Update to Quarkus 3.1.2.Final
Closes #21051
2023-06-19 12:59:11 -03:00