Yoshikazu Nojima
e495a3d403
Add Apache Kerby to Quarkus runtime dependencies ( #10994 )
...
Apache Kerby is used by WebAuthn attestation verification
Without this library the assertion verification fails in Quarkus
distribution
Closes #10779
2022-04-19 14:04:22 +02:00
Dominik Guhr
6ef80239cf
change approvals to reflect typofix
...
Closes #11344
2022-04-19 07:34:15 -03:00
Pedro Igor
9eca6b4e75
Add environment variable expansion to keycloak.conf ( #11285 )
...
Closes #11283
Co-authored-by: Dominik Guhr <dguhr@redhat.com>
Co-authored-by: Dominik Guhr <dguhr@redhat.com>
2022-04-19 09:11:29 +02:00
Pedro Igor
c5e4dc8cec
Associated permissions should only add resource type permissions if the resource is an instance ( #11220 )
...
Closes #11148
2022-04-19 09:10:14 +02:00
Pedro Igor
52d205ca91
Allow exposing some initial provider config options via web site ( #10572 )
...
* Allow exposing some initial provider config options via web site
Co-authored-by: Stian Thorgersen <stian@redhat.com>
Closes #10571
* Include type to provider options, and hide build-icon column as it's not relevant
Co-authored-by: stianst <stianst@gmail.com>
2022-04-19 08:01:42 +02:00
Bruno Oliveira da Silva
f9d4566723
Replace the cryptographic algorithm by SHA-2
...
The static code scanning analysis detected the usage of MD5 as part of [
MapDeploymentStateProviderFactory](a6dd9dc0f1/model/map/src/main/java/org/keycloak/models/map/deploymentState/MapDeploymentStateProviderFactory.java (L58-L58)
).
Even though we could not find any ways of exploiting the code, we should
avoid its usage considering that MD5 is not collision-resistant.
Resolves #11290
2022-04-18 07:10:04 -03:00
McLaynV
91c191024e
Fix a typo in a description String ( #11260 )
...
Resolves #11344
2022-04-18 07:09:24 -03:00
Martin Kanis
a2d7cd7a5c
Hot Rod map storage: User / client session no-downtime store
2022-04-14 15:34:22 +02:00
Makariy
3b4d87ddcd
Mistyping correction ( #11242 )
...
Resolves #11288
Co-authored-by: m.balashov <m.balashov@crpt.ru>
2022-04-14 09:58:54 -03:00
Pedro Igor
6bf9080d8d
Remove deployment module dependency from server module
...
Closes #11257
2022-04-14 07:25:00 -03:00
dependabot[bot]
cb4cd279ab
Bump aquasecurity/trivy-action to 0.2.3 ( #11274 )
...
Resolves #11308
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-04-14 05:55:56 -03:00
dependabot[bot]
df1c3b1a8d
Bump actions/setup-java from 2 to 3 ( #11275 )
...
Resolves #11307
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-04-14 05:52:59 -03:00
dependabot[bot]
db229ee55e
Bump github/codeql-action from 2.1.7 to 2.1.8 ( #11273 )
...
Resolves #11306
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-04-14 05:49:32 -03:00
msvechla
820ab52dce
Add support for filtering by enabled attribute on users count endpoint ( #9842 )
...
Resolves #10896
2022-04-13 13:57:22 -03:00
Bruno Oliveira da Silva
1661a4ecc7
Suppress Snyk warnings about WildFly Elytron
...
Resolves #11277
2022-04-13 11:18:03 -03:00
Stan Silvert
ed79c2a861
Revert "Include Admin UI as a regular dependency ( #11156 )" ( #11280 )
...
This reverts commit 31c272d73f
.
2022-04-13 09:19:49 -04:00
Jon Koops
31c272d73f
Include Admin UI as a regular dependency ( #11156 )
2022-04-13 09:18:56 -04:00
Dominik Guhr
7811f3721a
Add db-url-port option
...
to set the port when not using a full db-url
closes #11251
2022-04-13 08:31:25 -03:00
Pedro Igor
7058a123b1
Avoid initializing the OWASP HTML Sanitizer at startup
...
Closes #11261
2022-04-13 08:21:53 -03:00
Dominik Guhr
52150cacfc
adjust rp docs to clarify exposing js path
...
Closes #11041
2022-04-13 08:08:48 -03:00
Jon Koops
034748ed0a
Add Dependabot config to keep Github Actions up-to-date
2022-04-13 08:07:49 -03:00
bamanuel
7652bbfcd1
Fix unmatched braces in error log formatter
...
Closes #11252
2022-04-13 08:03:29 -03:00
Bruno Oliveira da Silva
fc1eb02ed5
Update WildFly Elytron on the legacy distribution (CVE-2021-3642)
...
This change is a follow up of #11196
Resolves #11249
2022-04-12 17:02:08 -03:00
Bruno Oliveira da Silva
82fbe6c0d5
Update jackson-databind dependency in the main POM file to fix CVE-2020-36518
...
Resolves #11188
2022-04-12 11:23:30 -03:00
Václav Muzikář
66b1c2b167
Change the CRD API group in the operator
2022-04-12 09:38:40 -03:00
R0Wi
cb4a513e24
Fail authenticate if credentialInput is not of type UserCredentialModel
...
Code fix inside LDAPStorageProvider.java:
return failed result if credential input object is not of expected type
Closes #11191
2022-04-12 14:38:17 +02:00
Alexander Schwartz
5c1a8d401d
Store time as seconds as a long in map store
...
This avoids overflowing the value in 2038.
Closes #10960
2022-04-12 14:22:44 +02:00
Andrea Peruffo
4def2d83e0
Bump Jackson and Kubernetes-client ( #11241 )
...
Resolves : #11245
2022-04-12 09:15:42 -03:00
Giacomo Altiero
3b7243cd47
Support for UserInfo response encrypted ( #10519 )
...
Close #10517
2022-04-12 14:01:14 +02:00
Alexander Schwartz
a6dd9dc0f1
Avoiding AvlPartitionFactory and using JdbmPartitionFactory for the embedded LDAP to work around unstable tests.
...
Fix for #11171 didn't turn out to cover the root cause. Also improved transaction handling in LDAP Map storage.
Closes #11211
2022-04-12 09:12:21 +02:00
Bruno Oliveira da Silva
bde2744650
Ignore license compliance warnings
...
Resolves #11225
2022-04-11 19:12:17 -03:00
Václav Muzikář
20d037a4ad
Revert Operator CI
2022-04-11 12:33:22 -03:00
Michal Hajas
6e181a51d5
Add test-jar dependency only if maven.test.skip property is false
...
Closes #11192
2022-04-11 10:37:18 -03:00
Bruno Oliveira da Silva
bb025f1378
Update wildfly-elytron dependency in the main Quarkus distribution (CVE-2021-3642)
...
Resolves #11196
2022-04-11 09:47:39 -03:00
Alexander Schwartz
5c810ad0e5
Avoid short-lived connections for ApacheDS to avoid messages around "ignoring the message MessageType UNBIND_REQUEST"
...
The comment in LdapRequestHandler.java in ApacheDS notes just before discarding an unbind request: "in some cases the session is becoming null though the client is sending the UnbindRequest before closing".
Also implementing a retry logic for all remaining errors regarding LDAP.
Closes #11171
2022-04-11 10:03:15 +02:00
Bruno Oliveira da Silva
0ff92df01f
Suppress Snyk false positives
...
Resolves #11203
2022-04-09 09:17:30 -03:00
Benjamin Macher
f84f5fd86e
Add README for Keycloak JS to the NPM package ( #10085 )
2022-04-08 12:43:37 -04:00
mposolda
fb81242658
Script Mapper Performance Issues
...
Closes #11005
2022-04-08 09:47:43 -03:00
Pedro Igor
834a276767
NPE when caching policies based on scopes without a resource
...
Closes #11180
2022-04-08 08:43:08 -03:00
Andrea Peruffo
a521bcfe92
Advanced Keycloak CR configuration ( #11065 )
...
* Advanced Keycloak CR configuration
* Update docs/guides/src/main/operator/advanced-configuration.adoc
Co-authored-by: Dominik Guhr <89905860+DGuhr@users.noreply.github.com>
Co-authored-by: Dominik Guhr <89905860+DGuhr@users.noreply.github.com>
2022-04-08 11:57:22 +02:00
Andrea Peruffo
854b75e132
Add how to install extensions to the container docs ( #11025 )
2022-04-08 11:56:47 +02:00
Andrea Peruffo
57f2b744a0
Add RealmImport CR docs ( #11037 )
2022-04-08 11:56:03 +02:00
Andrea Peruffo
3bfc6721b3
Add JsonPropertyDescription on all CR fields ( #11052 )
2022-04-08 11:55:43 +02:00
Andrea Peruffo
7816e69e38
Build the Olm bundle and test it in CI ( #10949 )
...
* Building the OLM bundle
* kustomize the main CRD for the OLM bundle
* minor fixes
2022-04-08 10:22:01 +02:00
Stefan Guilhen
d952669f69
Add clearUpdatedFlag so the flag in associated protocol mappers can be cleared as well
...
Closes #11118
2022-04-08 09:36:55 +02:00
Michal Hajas
1f2ebf4cba
Add HotRod no downtime store for Realms
...
Closes #9670
2022-04-08 09:36:01 +02:00
Martin Kanis
3bb4081bd1
Convert user / client session entities into interface
2022-04-08 09:34:01 +02:00
Dominik Guhr
9cb38087b4
Add section about hostname syntax to hostname guide
...
Superseeds PR #11139 , as validation needs more investigation to work for everyone
Closes #11134
2022-04-07 15:14:43 -03:00
Michal Hajas
f4f5928727
Add type to filters in MapResourceStore
...
Closes #11154
2022-04-07 15:10:20 -03:00
Pedro Igor
b4770c30fd
Fixing NPE when querying resources by type
...
Closes #11137
2022-04-07 15:10:20 -03:00