Stefan Gries
e988e4f135
Implement case-insensitive comparison for search on provider info page ( #26590 )
...
Helps users to find the providers they are searching for without knowing how it is spelled internally.
Fixes #26589
Signed-off-by: Stefan Gries <stefan.gries@codecentric.de>
2024-01-31 12:06:28 +00:00
Václav Muzikář
4096a2657e
Supported option to specify site name for multi-site deployments
...
Closes #26460
Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
2024-01-31 11:52:19 +00:00
Stian Thorgersen
b9044f5e11
Update teams and areas ( #26624 )
...
Signed-off-by: stianst <stianst@gmail.com>
2024-01-31 12:33:54 +01:00
mposolda
10ba70c972
Possibility to email being not required
...
closes #26552
Signed-off-by: mposolda <mposolda@gmail.com>
Co-authored-by: Jon Koops <jonkoops@gmail.com>
2024-01-31 10:57:10 +01:00
Steven Hawkins
b41e2f82c4
fix: completely removing problematic assertion ( #26613 )
...
closes : #26529
Signed-off-by: Steve Hawkins <shawkins@redhat.com>
2024-01-31 10:19:14 +01:00
dependabot[bot]
983e2c7033
Bump reactflow from 11.10.2 to 11.10.3 in /js ( #26519 )
...
Bumps [reactflow](https://github.com/xyflow/xyflow/tree/HEAD/packages/reactflow ) from 11.10.2 to 11.10.3.
- [Release notes](https://github.com/xyflow/xyflow/releases )
- [Changelog](https://github.com/xyflow/xyflow/blob/reactflow@11.10.3/packages/reactflow/CHANGELOG.md )
- [Commits](https://github.com/xyflow/xyflow/commits/reactflow@11.10.3/packages/reactflow )
---
updated-dependencies:
- dependency-name: reactflow
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-31 09:54:33 +01:00
dependabot[bot]
8968773f46
Bump @testing-library/react from 14.1.2 to 14.2.0 in /js ( #26620 )
...
Bumps [@testing-library/react](https://github.com/testing-library/react-testing-library ) from 14.1.2 to 14.2.0.
- [Release notes](https://github.com/testing-library/react-testing-library/releases )
- [Changelog](https://github.com/testing-library/react-testing-library/blob/main/CHANGELOG.md )
- [Commits](https://github.com/testing-library/react-testing-library/compare/v14.1.2...v14.2.0 )
---
updated-dependencies:
- dependency-name: "@testing-library/react"
dependency-type: direct:development
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-31 09:49:40 +01:00
dependabot[bot]
f900ab570f
Bump cypress from 13.6.3 to 13.6.4 in /js ( #26621 )
...
Bumps [cypress](https://github.com/cypress-io/cypress ) from 13.6.3 to 13.6.4.
- [Release notes](https://github.com/cypress-io/cypress/releases )
- [Changelog](https://github.com/cypress-io/cypress/blob/develop/CHANGELOG.md )
- [Commits](https://github.com/cypress-io/cypress/compare/v13.6.3...v13.6.4 )
---
updated-dependencies:
- dependency-name: cypress
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-31 09:49:25 +01:00
dependabot[bot]
1b9a957bbf
Bump @types/node from 20.11.10 to 20.11.13 in /js ( #26622 )
...
Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node ) from 20.11.10 to 20.11.13.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases )
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node )
---
updated-dependencies:
- dependency-name: "@types/node"
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-31 09:49:09 +01:00
Thomas Darimont
346c2926f6
Fix error type in SAML response on missing destination
...
We now use INVALID_SAML_RESPONSE insteadof INVALID_LOGOUT_RESPONSE.
Added proposed test case.
Closes #11178
Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>
Co-authored-by: Michal Hajas <mhajas@redhat.com>
Co-authored-by: Chris Dolphy <cdolphy@redhat.com>
2024-01-31 09:32:14 +01:00
Steven Hawkins
2480fab6f9
fix: accounting for a null container ( #26605 )
...
closes : #26604
Signed-off-by: Steve Hawkins <shawkins@redhat.com>
2024-01-30 18:02:00 +00:00
Stefan Wiedemann
fa948f37e0
Issue Verifiable Credentials in jwt_vc format #25941 ( #26484 )
...
closes #25941
Signed-off-by: Stefan Wiedemann <wistefan@googlemail.com>
2024-01-30 18:35:20 +01:00
mposolda
1213556eff
Fixes for UsernameIDNHomographValidator
...
closes #26564
Signed-off-by: mposolda <mposolda@gmail.com>
2024-01-30 14:30:28 +01:00
Chris Tanaskoski
5373f3c97a
Don't fail reset credentials action upon first broker login without EXISTING_USER_INFO
( #26324 )
...
The ResetCredentialsActionTokenHandler depends upon the `EXISTING_USER_INFO` through `AbstractIdpAuthenticator.getExistingUser` solely to log the username. However, if the first broker login flow does not include a `IdpCreateUserIfUniqueAuthenticator` or `IdpDetectExistingBrokerUserAuthenticator`, the `EXISTING_USER_INFO` is never set.
This commit does not attempt to fetch the existing user if we don't have this info set.
Closes #26323
Signed-off-by: Chris Tanaskoski <chris@devristo.com>
2024-01-30 11:16:52 +00:00
Erik Jan de Wit
02d86d1d8f
removed revocation ( #26459 )
...
fixes : #17734
Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
2024-01-30 10:49:39 +01:00
dependabot[bot]
4716c956b0
Bump @typescript-eslint/parser from 6.19.1 to 6.20.0 in /js
...
Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser ) from 6.19.1 to 6.20.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases )
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md )
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v6.20.0/packages/parser )
---
updated-dependencies:
- dependency-name: "@typescript-eslint/parser"
dependency-type: direct:development
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-01-30 10:32:10 +01:00
dependabot[bot]
321f0088c4
Bump @testing-library/jest-dom from 6.3.0 to 6.4.0 in /js
...
Bumps [@testing-library/jest-dom](https://github.com/testing-library/jest-dom ) from 6.3.0 to 6.4.0.
- [Release notes](https://github.com/testing-library/jest-dom/releases )
- [Changelog](https://github.com/testing-library/jest-dom/blob/main/CHANGELOG.md )
- [Commits](https://github.com/testing-library/jest-dom/compare/v6.3.0...v6.4.0 )
---
updated-dependencies:
- dependency-name: "@testing-library/jest-dom"
dependency-type: direct:development
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-01-30 10:15:17 +01:00
dependabot[bot]
1d4458763b
Bump i18next from 23.8.0 to 23.8.1 in /js
...
Bumps [i18next](https://github.com/i18next/i18next ) from 23.8.0 to 23.8.1.
- [Release notes](https://github.com/i18next/i18next/releases )
- [Changelog](https://github.com/i18next/i18next/blob/master/CHANGELOG.md )
- [Commits](https://github.com/i18next/i18next/compare/v23.8.0...v23.8.1 )
---
updated-dependencies:
- dependency-name: i18next
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-01-30 10:14:48 +01:00
dependabot[bot]
eb7a3cf6c9
Bump @typescript-eslint/eslint-plugin from 6.19.1 to 6.20.0 in /js
...
Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin ) from 6.19.1 to 6.20.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases )
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md )
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v6.20.0/packages/eslint-plugin )
---
updated-dependencies:
- dependency-name: "@typescript-eslint/eslint-plugin"
dependency-type: direct:development
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-01-30 10:13:54 +01:00
Steven Hawkins
00ea73d6ba
fix: increases another timeout to accomodate for the transaction timeout ( #26566 )
...
closes : #26529
Signed-off-by: Steve Hawkins <shawkins@redhat.com>
2024-01-30 09:16:34 +01:00
Dipesh Singh
7e021730c7
Show displayName
of realm on welcome page ( #26562 )
...
Closes #25897
Signed-off-by: dipeshsingh253 <sinhdipesh@gmail.com>
2024-01-29 19:23:08 +01:00
Steven Hawkins
ed96b13312
fix: preservation of the command line in the --optimized suggestion ( #26163 )
...
closes #26140
Signed-off-by: Steve Hawkins <shawkins@redhat.com>
2024-01-29 13:48:53 +01:00
TheKeeroll
13b8db0026
typo fix ( #26526 )
...
Signed-off-by: TheKeeroll <57570053+TheKeeroll@users.noreply.github.com>
2024-01-29 11:40:21 +00:00
Réda Housni Alaoui
eff289be1c
Effective email address missing from email confirmation French translation ( #26551 )
...
Signed-off-by: Réda Housni Alaoui <reda-alaoui@hey.com>
2024-01-29 11:31:14 +01:00
Stian Thorgersen
0fb6bdfcac
Cookie Provider - move remaining cookies ( #26531 )
...
Closes #26500
Signed-off-by: stianst <stianst@gmail.com>
2024-01-29 11:06:37 +01:00
dependabot[bot]
d7ed09fbea
Bump wireit from 0.14.3 to 0.14.4 in /js
...
Bumps [wireit](https://github.com/google/wireit ) from 0.14.3 to 0.14.4.
- [Changelog](https://github.com/google/wireit/blob/main/CHANGELOG.md )
- [Commits](https://github.com/google/wireit/compare/v0.14.3...v0.14.4 )
---
updated-dependencies:
- dependency-name: wireit
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-01-29 10:39:39 +01:00
dependabot[bot]
51a596dd15
Bump vitest from 1.2.1 to 1.2.2 in /js
...
Bumps [vitest](https://github.com/vitest-dev/vitest/tree/HEAD/packages/vitest ) from 1.2.1 to 1.2.2.
- [Release notes](https://github.com/vitest-dev/vitest/releases )
- [Commits](https://github.com/vitest-dev/vitest/commits/v1.2.2/packages/vitest )
---
updated-dependencies:
- dependency-name: vitest
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-01-29 10:38:24 +01:00
dependabot[bot]
9fa743bec3
Bump chai from 5.0.0 to 5.0.3 in /js ( #26518 )
...
Bumps [chai](https://github.com/chaijs/chai ) from 5.0.0 to 5.0.3.
- [Release notes](https://github.com/chaijs/chai/releases )
- [Changelog](https://github.com/chaijs/chai/blob/main/History.md )
- [Commits](https://github.com/chaijs/chai/compare/v5.0.0...v5.0.3 )
---
updated-dependencies:
- dependency-name: chai
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-29 09:36:12 +00:00
dependabot[bot]
01bb6726ea
Bump i18next from 23.7.19 to 23.8.0 in /js
...
Bumps [i18next](https://github.com/i18next/i18next ) from 23.7.19 to 23.8.0.
- [Release notes](https://github.com/i18next/i18next/releases )
- [Changelog](https://github.com/i18next/i18next/blob/master/CHANGELOG.md )
- [Commits](https://github.com/i18next/i18next/compare/v23.7.19...v23.8.0 )
---
updated-dependencies:
- dependency-name: i18next
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-01-29 10:16:53 +01:00
dependabot[bot]
39b1c830e4
Bump @types/node from 20.11.6 to 20.11.10 in /js
...
Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node ) from 20.11.6 to 20.11.10.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases )
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node )
---
updated-dependencies:
- dependency-name: "@types/node"
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-01-29 10:16:38 +01:00
dependabot[bot]
0178a91f66
Bump @faker-js/faker from 8.3.1 to 8.4.0 in /js ( #26521 )
...
Bumps [@faker-js/faker](https://github.com/faker-js/faker ) from 8.3.1 to 8.4.0.
- [Release notes](https://github.com/faker-js/faker/releases )
- [Changelog](https://github.com/faker-js/faker/blob/next/CHANGELOG.md )
- [Commits](https://github.com/faker-js/faker/compare/v8.3.1...v8.4.0 )
---
updated-dependencies:
- dependency-name: "@faker-js/faker"
dependency-type: direct:development
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-26 19:15:05 +01:00
dependabot[bot]
1db2c50512
Bump @types/node from 20.11.5 to 20.11.6 in /js ( #26480 )
...
Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node ) from 20.11.5 to 20.11.6.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases )
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node )
---
updated-dependencies:
- dependency-name: "@types/node"
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-26 19:12:17 +01:00
Lex Cao
cf3f05a259
Skip grant role if exists for federated storage ( #26508 )
...
Closes #26507
Signed-off-by: Lex Cao <lexcao@foxmail.com>
2024-01-26 17:08:47 +00:00
Fouad Almalki
b7d2010af7
Add missing Arabic translations ( #26486 )
...
Closes #26485
Signed-off-by: Fouad Almalki <me@fouad.io>
2024-01-26 10:08:02 +00:00
Stian Thorgersen
bc3c27909e
Cookie Provider ( #26499 )
...
Closes #26500
Signed-off-by: stianst <stianst@gmail.com>
2024-01-26 10:45:00 +01:00
Bruno Oliveira da Silva
3655268e4d
Ensure that the CNCF Code of Conduct are explicitly referenced at the project's README on GitHub
...
Closes #26268
Signed-off-by: Bruno Oliveira da Silva <bruno@abstractj.com>
2024-01-25 16:22:04 -03:00
dependabot[bot]
758e4e9056
Bump i18next from 23.7.18 to 23.7.19 in /js ( #26481 )
...
Bumps [i18next](https://github.com/i18next/i18next ) from 23.7.18 to 23.7.19.
- [Release notes](https://github.com/i18next/i18next/releases )
- [Changelog](https://github.com/i18next/i18next/blob/master/CHANGELOG.md )
- [Commits](https://github.com/i18next/i18next/compare/v23.7.18...v23.7.19 )
---
updated-dependencies:
- dependency-name: i18next
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-25 17:30:37 +00:00
dependabot[bot]
1f290a81f9
Bump js-sha256 from 0.10.1 to 0.11.0 in /js ( #26478 )
...
Bumps [js-sha256](https://github.com/emn178/js-sha256 ) from 0.10.1 to 0.11.0.
- [Changelog](https://github.com/emn178/js-sha256/blob/master/CHANGELOG.md )
- [Commits](https://github.com/emn178/js-sha256/compare/v0.10.1...v0.11.0 )
---
updated-dependencies:
- dependency-name: js-sha256
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-25 18:08:41 +01:00
dependabot[bot]
9fec709501
Bump vite-plugin-dts from 3.7.1 to 3.7.2 in /js ( #26482 )
...
Bumps [vite-plugin-dts](https://github.com/qmhc/vite-plugin-dts ) from 3.7.1 to 3.7.2.
- [Release notes](https://github.com/qmhc/vite-plugin-dts/releases )
- [Changelog](https://github.com/qmhc/vite-plugin-dts/blob/main/CHANGELOG.md )
- [Commits](https://github.com/qmhc/vite-plugin-dts/compare/v3.7.1...v3.7.2 )
---
updated-dependencies:
- dependency-name: vite-plugin-dts
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-25 18:07:57 +01:00
dependabot[bot]
45466a1707
Bump @testing-library/jest-dom from 6.2.1 to 6.3.0 in /js ( #26479 )
...
Bumps [@testing-library/jest-dom](https://github.com/testing-library/jest-dom ) from 6.2.1 to 6.3.0.
- [Release notes](https://github.com/testing-library/jest-dom/releases )
- [Changelog](https://github.com/testing-library/jest-dom/blob/main/CHANGELOG.md )
- [Commits](https://github.com/testing-library/jest-dom/compare/v6.2.1...v6.3.0 )
---
updated-dependencies:
- dependency-name: "@testing-library/jest-dom"
dependency-type: direct:development
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-25 18:05:28 +01:00
Marek Posolda
651d99db25
Allow selecting attributes from user profile when managing token mappers ( #26415 )
...
* Allow selecting attributes from user profile when managing token mappers
closes #24250
Signed-off-by: mposolda <mposolda@gmail.com>
Co-authored-by: Jon Koops <jonkoops@gmail.com>
2024-01-25 17:01:02 +01:00
Martin Kanis
7797f778d1
Map Store Removal: Rename legacy modules
...
Closes #24107
Signed-off-by: Martin Kanis <mkanis@redhat.com>
2024-01-25 16:29:16 +01:00
Erik Jan de Wit
28c9f98930
moved login screen to patternfly 5 ( #25340 )
...
* moved login screen to patternfly 5
Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
* added Feature flag to enable login v2
Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
* removed the old css and only include logo and background styles
Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
* changed to experimental
Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
* added login2
Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
* added windows help texts
Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
---------
Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
2024-01-25 13:45:53 +01:00
Ricardo Martin
b58f35fb47
Revert "Enable verify profile required action by default for new realms" ( #26495 )
...
This reverts commit 7f195acc14
.
Signed-off-by: rmartinc <rmartinc@redhat.com>
2024-01-25 12:28:16 +01:00
Sol Roberts
29bc02a699
fix http_tlsSecret example for operator ( #26282 )
...
Signed-off-by: BadgerOps <github@badgerops.net>
2024-01-25 11:10:56 +01:00
Stefan Wiedemann
efa6ddc41e
Create SPI and Provider for Verifiable Credentials Signing #25937 ( #26263 )
...
* implement oid4vci service interfaces
Signed-off-by: Stefan Wiedemann <wistefan@googlemail.com>
* add oid4vc to the disabled features test
Signed-off-by: Stefan Wiedemann <wistefan@googlemail.com>
* fix test and add doc
Signed-off-by: Stefan Wiedemann <wistefan@googlemail.com>
* add the new preview feature
Signed-off-by: Stefan Wiedemann <wistefan@googlemail.com>
* add class-level doc
remove wildcard imports
Signed-off-by: Stefan Wiedemann <wistefan@googlemail.com>
* add license headers
Signed-off-by: Stefan Wiedemann <wistefan@googlemail.com>
* fix year
Signed-off-by: Stefan Wiedemann <wistefan@googlemail.com>
* fix teste
Signed-off-by: Stefan Wiedemann <wistefan@googlemail.com>
* two additional test fixes
Signed-off-by: Stefan Wiedemann <wistefan@googlemail.com>
* make the feature experimental
Signed-off-by: Stefan Wiedemann <wistefan@googlemail.com>
* remove clock
Signed-off-by: Stefan Wiedemann <wistefan@googlemail.com>
* remove usage of var
Signed-off-by: Stefan Wiedemann <wistefan@googlemail.com>
* fix tests
Signed-off-by: Stefan Wiedemann <wistefan@googlemail.com>
---------
Signed-off-by: Stefan Wiedemann <wistefan@googlemail.com>
2024-01-25 07:36:28 +01:00
Stian Thorgersen
cbfdae5e75
Remove support for multiple AUTH_SESSION_ID cookies ( #26462 )
...
Closes #26457
Signed-off-by: stianst <stianst@gmail.com>
2024-01-25 06:58:42 +01:00
rmartinc
7f195acc14
Enable verify profile required action by default for new realms
...
Closes #25985
Signed-off-by: rmartinc <rmartinc@redhat.com>
2024-01-24 20:28:06 +01:00
Thomas Darimont
e7363905fa
Change password hashing defaults according to OWASP recommendations ( #16629 )
...
Changes according to the latest [OWASP cheat sheet for secure Password Storage](https://cheatsheetseries.owasp.org/cheatsheets/Password_Storage_Cheat_Sheet.html#pbkdf2 ):
- Changed default password hashing algorithm from pbkdf2-sha256 to pbkdf2-sha512
- Increased number of hash iterations for pbkdf2-sha1 from 20.000 to 1.300.000
- Increased number of hash iterations for pbkdf2-sha256 from 27.500 to 600.000
- Increased number of hash iterations for pbkdf2-sha512 from 30.000 to 210.000
- Adapt PasswordHashingTest to new defaults
- The test testBenchmarkPasswordHashingConfigurations can be used to compare the different hashing configurations.
- Document changes in changes document with note on performance and how
to keep the old behaviour.
- Log a warning at the first time when Pbkdf2PasswordHashProviderFactory is used directly
Fixes #16629
Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>
2024-01-24 18:35:51 +01:00
Stian Thorgersen
208e3a6529
Exclude ubuntu-latest (sanity-check-zip) as it is running the full zip ( #26463 )
...
Signed-off-by: stianst <stianst@gmail.com>
2024-01-24 16:48:41 +00:00