Commit graph

247 commits

Author SHA1 Message Date
Vlasta Ramik
ed473da22b
Clean-up of deprecated methods and interfaces
Fixes #20877

Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
2023-06-09 17:11:20 +00:00
rmartinc
81aa588ddc Fix and correlate session timeout calculations in legacy and new map implementations
Closes https://github.com/keycloak/keycloak/issues/14854
Closes https://github.com/keycloak/keycloak/issues/11990
2023-06-05 18:46:23 +02:00
Hynek Mlnarik
fc0e47caa4 Fix KcCustomOidcBrokerTest
Fixes: #20541
2023-05-25 10:20:36 +02:00
Stefan Guilhen
2252b09949 Remove deprecated default roles methods
Closes #15046
2023-05-23 22:32:52 +02:00
Alexander Schwartz
7f64ca0048
Avoid querying with secondary columns which might fetch and lock additional rows (#20474)
* Accessing UserSession by primary key

This resolves problematic locking queries databases running on SERIALIZABLE isolation level like CockroachDB

Closes #16977

* Avoid querying with expiring column

This resolves problematic locking queries databases running on SERIALIZABLE isolation level like CockroachDB

Closes #16977
2023-05-23 07:19:58 +00:00
mkrueger92
256bb84cc4
Avoid NPE while fetching offline sessions (#17577) 2023-05-18 13:32:02 +02:00
Dominik Schlosser
8c58f39a49 Updates Datastore provider to contain full data model
Closes #15490
2023-05-16 15:05:10 +02:00
Hynek Mlnařík
edb292664c
File store freeze
* File store: Fix ID determination

* Forbid changing ID (other setters)

* Improve handling of null values

* Support convertible keys in maps

* Fix writing empty values

* Fix updated flag

* Proceed if an object has been deleted in the same tx

* Fix condition

Co-authored-by: Michal Hajas <mhajas@redhat.com>

---------

Co-authored-by: Michal Hajas <mhajas@redhat.com>
2023-05-16 12:03:59 +02:00
vramik
6c6907ef4e Clean RealmProvider from methods from other areas
Closes #15044
2023-05-02 15:09:26 +02:00
Hynek Mlnarik
68b3c87666 Support for realm-less entities in providers (login failures)
Closes: #19818
2023-04-20 21:19:41 +02:00
Michal Hajas
b730d861e7
Refactor map storage transaction initialization
* Refactor transaction to be enlisted in MapStorageProvider instead of area provider

* Make KeycloakTransaction methods optional for MapKeycloakTransaction

* Remove MapStorage interface that contained only createTransaction method

* Rename *MapStorage to *CrudOperations

* Adjust File store to new structure

* Rename MapKeycloakTransaction to MapStorage

* Rename getEnlistedTransaction to getMapStorage in AbstractMapProviderFactory

* Rename variables tx and transaction to store

* Add createMapStorageIfAbsent to JpaMapStorageProvider

* Update JavaDoc

Co-authored-by:  Hynek Mlnarik <hmlnarik@redhat.com>
2023-04-12 11:21:14 +02:00
mposolda
4d8d6f8cd8 Preserve authentication flow IDs after import
closes #9564
2023-04-03 16:01:52 +02:00
Alexander Schwartz
513bb809f3 Add a map storage global locking implementation for JPA
Closes #14734
2023-03-21 08:21:11 +01:00
Michal Hajas
465019bec4 Extract attachDevice outside of storage layer
Closes #17336
2023-03-03 17:58:34 +01:00
Jon Koops
972ebb9650
Use a valid SemVer format for the SNAPSHOT version (#17334)
* Use a valid SemVer format for the SNAPSHOT version

* Update pom.xml

* Update pom.xml

---------

Co-authored-by: Stian Thorgersen <stianst@gmail.com>
Co-authored-by: Stian Thorgersen <stian@redhat.com>
2023-03-03 11:11:44 +01:00
Hynek Mlnarik
7d136c5cca Generate map-like collection accessors
Along the way fixes also problem with field delegates which
applied manually-crafted methods like `MapUserEntity.removeCredential(id)`
to the delegate itself rather than to the underlying object.

Co-authored-By: Michal Hajas <mhajas@redhat.com>

Closes: #17223
2023-02-22 17:26:31 +01:00
Hynek Mlnarik
878debd2ab Forbid changing ID
Closes: #16881
2023-02-22 17:19:22 +01:00
Michal Hajas
1c79a5666d Deprecate RoleModel.SearchableFields.IS_CLIENT_ROLE field
Closes #17144
2023-02-16 20:50:46 +01:00
Hynek Mlnarik
d768e75be7 Fix clientRole warning
Fixes: #16857
2023-02-15 10:59:52 +01:00
Hynek Mlnařík
f71ab092de
File store basis
Fixes: #16676

---

* Enhance DefaultModelCriteria
* Fix collection
* Fix delete in CHMKeycloakTransaction
* Add HasRealmId interface
* Fix EntityFieldDelegate
* Support for realm-less entities in providers
* Support for realm-less entities in providers (events)
* File store basis
* Add support for writing
* Support running KeycloakServer with file store
* Add support for file store in model testsuite

---------

Co-authored-by: vramik <vramik@redhat.com>
2023-02-07 14:59:23 +01:00
Martin Kanis
a912558d29 Add MapKeycloakTransaction.exists methods 2023-01-31 17:21:40 +01:00
Alexander Schwartz
e9e6b73bd2 Avoid using Hibernate APIs to cache query results as the API changes in Hibernate 6
Closes #16332
2023-01-18 14:42:42 +01:00
vramik
f11bef3e7f EntityField mapPut and collectionAdd default methods doesn't insert an element when get(e) returns null
Closes #16317
2023-01-09 15:52:58 +01:00
Hynek Mlnařík
208affe000 Update generator to record the entity to fields mapping
Fixes: #15677
2022-12-08 15:40:28 +01:00
Hynek Mlnarik
901c85f6c0 Camel case field names
Fixes: #15846
2022-12-08 15:40:28 +01:00
Michal Hajas
de7dd77aeb Change id of TermsAndConditions required actions to uppercase
Closes #9991
2022-12-07 10:51:37 -03:00
Pedro Igor
168734b817 Removing references to request and response from Resteasy
Closes #15374
2022-12-01 08:38:24 -03:00
Alexander Schwartz
fd152e8a3e Modify RealmAdminResource.partialImport to work with InputStream
Rework existing PartialImportManager to not interfere with transaction handling, and bundle everything related to AdminEventBuild and JAX-RS Repsonses inside the Resource.

Closes #13611
2022-11-24 11:45:11 +01:00
Alexander Schwartz
b6b6d01a8a Importing a representation by first creating the defaults, importing a representation and then copying it over to the real store.
This is the foundation for a setup that's needed when importing the new file store for which importing the representation serves as a placeholder.

Closes #14583
2022-11-16 09:56:13 +01:00
Marek Posolda
2ba5ca3c5f
Support for multiple keys with same kid, which differ just by algorithm in the JWKS (#15114)
Closes #14794
2022-11-03 09:32:45 +01:00
Alexander Schwartz
9f95b6ec63 Remove unnecessary lookup of an entity via the session
Closes #11744
2022-11-02 10:27:14 +01:00
Alexander Schwartz
9fb9780f02 Don't rely on DefaultModeLCriteria in equals/hashCode
Instead, map this to JPA query and then create the cache lookup key from there.

Closes #14938
2022-10-26 15:49:26 +02:00
Alexander Schwartz
e494649a4e First naïve per-session caching for JPA map store
Closes #14938
2022-10-26 15:49:26 +02:00
Michal Hajas
883e83e625 Remove deprecated methods from data providers and models
Closes #14720
2022-10-25 09:01:33 +02:00
vramik
f49582cf63 MapUserProvider in KC20 needs to store username compatible with KC19 to be no-downtime-upgradable
Closes #14678
2022-10-14 09:32:38 +02:00
danielFesenmeyer
f80a8fbed0 Avoid login failures in case of non-existing group or role references and update references in case of renaming or moving
- no longer throw an exception, when a role or group cannot be found, log a warning instead
- update mapper references in case of the following events:
   - moving a group
   - renaming a group
   - renaming a role
   - renaming a client's Client ID (may affect role qualifiers)
- in case a role or group is removed, the reference still will not be changed
- extend and refactor integration tests in order to check the new behavior

Closes #11236
2022-10-13 13:23:29 +02:00
Martin Kanis
761929d174
Merge ActionTokenStoreProvider and SingleUseObjectProvider (#13677)
Closes #13334
2022-10-13 09:26:44 +02:00
Alexander Schwartz
b67ce73227 Cleanup MapUserSessionAdapter.getAuthenticatedClientSessions()
Closes #14743
2022-10-10 13:01:14 +02:00
vramik
a62e98f966 MapUserProvider should throw an exception for more than one user
Closes #14672
2022-10-06 13:11:57 +02:00
Hynek Mlnarik
36a1ce6a1a Ensure map storage providers are closed upon session close
Fixes: #14730
2022-10-05 14:16:19 +02:00
Alice Wood
1eb7e95b97 enhance existing group search functionality allow exact name search keycloak/keycloak#13973
Co-authored-by: Abhijeet Gandhewar <agandhew@redhat.com>
2022-09-30 10:37:52 +02:00
Alexander Schwartz
be2deb0517 Modify RealmsAdminResource.importRealm to work with InputStream
Closes #13609
2022-09-26 20:58:08 +02:00
Alice Wood
55a660f50b enhance group search to allow searching for groups via attribute keycloak/keycloak#12964
Co-authored-by: Abhijeet Gandhewar <agandhew@redhat.com>
Co-authored-by: Michal Hajas <mhajas@redhat.com>
2022-09-19 15:19:36 +02:00
Christoph Leistert
7e5b45f999 Issue #8749: Add an option to control the order of the event query and admin event query 2022-09-11 21:30:12 +02:00
Alexander Schwartz
1d2d3e5ca5 Move UserFederatedStorageProvider into legacy module
Closes #13627
2022-09-11 18:37:45 +02:00
Martin Bartoš
0fcf5d3936 Reuse of token in TOTP is possible
Fixes #13607
2022-09-09 08:56:02 -03:00
vramik
869ccc82b2 Enable MapUserProvider storing username with the letter case significance
Closes #10245
Closes #11602
2022-09-09 11:46:11 +02:00
Christoph Leistert
cc2bb96abc Fixes #9482: A user could be assigned to a parent group if he is already assigned to a subgroup. 2022-09-06 21:31:31 +02:00
Thomas Peter
19d69169b1 introduce expiration option for admin events 2022-09-06 16:05:53 +02:00
Michal Hajas
f69497eb28 KEYCLOAK-12988 Deprecate getUsers* methods in favor of searchUsers* variants
Closes #14018
2022-09-06 10:38:28 +02:00