Alexander Schwartz
9143d8bd0e
Store composite roles within its own table for JPA Map storage.
...
This keeps the JSON column small, enables searching by child, and allows modification of the role's children without loading all children.
Closes #11844
2022-07-01 14:13:24 -03:00
Alexander Schwartz
d407a37ba3
Instead of returning instances with different semantics, throw an exception.
...
This exception points the caller to the migration guide of Keycloak 19.
Closes #12556
2022-07-01 14:12:39 -03:00
Alexander Schwartz
c02059e0e5
Building the test-jar as it is one of the dependencies of the keycloak-crypto-fips1402 module
...
Also, ensure to run the workflow on changes to the workflow file.
Closes #12866
2022-07-01 10:29:43 -03:00
Konstantinos Georgilakis
32f8f30f36
Include 'urn:ietf:params:oauth:grant-type:token-exchange' in grant_types_supported field of Keycloak OP metadata, if token-exchange is enabled
...
closes #10888
2022-06-30 17:13:47 -03:00
Dominik Guhr
1d6dde02e5
Add support and docs for centralized logging using gelf.
...
* 99% 1:1 wrapper of the underlying quarkus gelf extension.
* excluded `filter-stack-trace` and `stack-trace-throwable-reference` options for now, as they are either undocumented on the quarkus side or not important imo.
* added docs and examples for Graylog and ELK stack
* NOT added an automated test, as this is really a 1:1 wrapper around the extension, Test setup would be cumbersome, test would take too much time and tests are done in quarkus itself.
Closes #12125
2022-06-30 16:16:19 -03:00
Dominik Guhr
c19428aa81
introduce hidden transaction-jta-enabled config option
...
Closes #12400
2022-06-30 16:01:23 -03:00
Jon Koops
06d1b4faab
Restore enum variant of ResourceType
...
This reverts commit 3b5a578934
.
2022-06-30 12:20:51 -03:00
Pedro Igor
605b51890e
Enables the new store and the concurrenthashmap provider
...
Closes #12651
2022-06-30 10:55:22 -03:00
Tero Saarni
3170efd3ad
Removed unused imports with double semicolons
2022-06-30 09:34:30 -03:00
Michal Hajas
9b889b44b4
Make HotRod schema no-downtime upgradable
...
- Split one schema into schema per area
- Check schema stored in the server and update it only when necessary
Closes #9113
2022-06-29 20:57:19 +02:00
Alexander Schwartz
a191d7eb3c
Moving CachedObject to the legacy modules
...
Closes #12656
2022-06-29 20:04:32 +02:00
Alexander Schwartz
b581c203e3
Moving ClientScopeStorageProviderModel to the legacy modules
...
Closes #12656
2022-06-29 20:04:32 +02:00
Alexander Schwartz
ddeab744d0
Moving RoleStorageProviderModel to the legacy modules
...
Closes #12656
2022-06-29 20:04:32 +02:00
Alexander Schwartz
05f8f3038f
Moving GroupStorageProviderModel to the legacy modules
...
Closes #12656
2022-06-29 20:04:32 +02:00
Alexander Schwartz
692ce0cd91
Moving ClientStorageProvider to the legacy modules
...
This prepares the move of CachedObject and CacheableStorageProviderModel
Closes #12531
fixup! Moving ClientStorageProvider to the legacy modules
2022-06-29 20:04:32 +02:00
Alexander Schwartz
05dcc188bb
Move over caching related interfaces to the legacy module
...
Closes #12531
2022-06-29 20:04:32 +02:00
vramik
3b5a578934
Change enum ResourceType to interface with String constants
...
Closes #12485
2022-06-29 13:35:11 +02:00
Lex Cao
c3c8b9f0c8
Add client_secret
to response when token_endpoint_auth_method
is not private_key_jwt
( #12609 )
...
Closes #12565
2022-06-29 10:19:18 +02:00
Clara Fang
4643fd09e3
Replace occurrences of getParameterTypes().length and getParameters().length with getParameterCount()
...
This should reduce GC pressure.
Closes #12644
2022-06-29 08:53:09 +02:00
Konstantinos Georgilakis
ccc0449314
json device code flow error responses
...
closes #11438
2022-06-29 07:23:02 +02:00
Marek Posolda
be1e31dc68
Introduce crypto/default module. Refactoring BouncyIntegration ( #12692 )
...
Closes #12625
2022-06-29 07:17:09 +02:00
vramik
91335ebaad
Change returning type to Set in MapClientEntity when obtaining protocol mappers
...
Closes #11136
2022-06-28 21:47:56 +02:00
andreaTP
e3ece8244f
From supported runtimes back to hidden
2022-06-28 11:33:44 -03:00
andreaTP
006aea300d
A better structure for config-api
2022-06-28 11:33:44 -03:00
vramik
6335090092
Use JpaMapStorageProviderFactory for authorization services in model tests
...
Closes #12743
2022-06-28 15:01:49 +02:00
danielFesenmeyer
b6d8c27cac
OIDC logout: In "legacy mode", support post_logout_redirect_uri param without requiring id_token_hint param
...
Closes #12680
2022-06-28 14:36:03 +02:00
Hynek Mlnarik
ffc1265e9a
Fix typo in ci.yml
...
Fixes : #12690
2022-06-28 09:06:35 -03:00
Alexander Schwartz
4b499c869c
Encapsulate MigrationModelManager in legacy module
...
Closes #12214
2022-06-28 10:53:04 +02:00
Andreas Rühl
99ca37bd27
german translation for reauthentication ( #12770 )
...
Co-authored-by: Andreas Ruehl <ar@asuar.de>
2022-06-27 16:19:55 -04:00
Andreas Rühl
5ee546a34c
hard code message localized ( #12729 )
...
Co-authored-by: Andreas Ruehl <ar@asuar.de>
2022-06-27 13:49:02 -04:00
Andreas Rühl
948aaac8cb
wrong terms replaced ( #12772 )
...
Co-authored-by: Andreas Ruehl <ar@asuar.de>
2022-06-27 13:42:00 -04:00
Michal Hajas
e0efdcae22
Make sure HotRod store does not return empty delegate
...
Closes #12304
2022-06-27 15:10:18 +02:00
Pedro Igor
c972ec4383
Allow to conditionally bootstrap the default persistence unit
...
Closes #12662
2022-06-27 08:26:37 -03:00
leandrobortoli
c5d5659100
Fixed bug on client credentials grant when encryption key not found
...
Closes #12348
2022-06-27 13:00:21 +02:00
Lex Cao
f8a7c8e160
Validate name of client scope ( #12571 )
...
Closes #12553
2022-06-27 12:26:18 +02:00
vramik
c058983655
Enable optimistic locking feature on auth sessions
...
Closes #12242
2022-06-27 09:29:27 +02:00
Andreas Rühl
e19899d496
missing translations added ( #12660 )
...
Co-authored-by: Andreas Ruehl <ar@asuar.de>
2022-06-24 15:06:27 -04:00
Pedro Igor
3d2c3fbc6a
Support JSON objects when evaluating claims in regex policy
...
Closes #11514
2022-06-23 14:04:09 -03:00
Pedro Igor
c95ecd9e88
More information in the proxy guide about exposing the administration console
...
Closes #12450
2022-06-23 10:36:19 -03:00
Pedro Igor
d3a40e8620
Use backend baseURL for UMA-related backend endpoints
...
Closes #12549
2022-06-23 10:35:26 -03:00
Patrick Jennings
d048bf22fb
Do not try to delete from related federated user tables when deleting a service account linked user.
2022-06-22 22:52:16 +02:00
Pedro Igor
95528e77bb
Fixing env vars precedence over conf file ( #12638 )
...
Closes #12413
2022-06-22 15:13:58 +02:00
dependabot[bot]
12093753e9
Bump aquasecurity/trivy-action from 0.3.0 to 0.4.1
...
Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action ) from 0.3.0 to 0.4.1.
- [Release notes](https://github.com/aquasecurity/trivy-action/releases )
- [Commits](4b9b6fb4ef...49e970d7ac
)
---
updated-dependencies:
- dependency-name: aquasecurity/trivy-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-06-22 10:07:16 -03:00
Takashi Norimatsu
a10eef882f
DeviceTokenRequestContext.getEvent returns a wrong ClientPolicyEvent
...
Closes #12455
2022-06-22 13:01:35 +02:00
Takashi Norimatsu
d396ee7d30
CIBA flow : no error on invalid scope
...
Closes #12589
2022-06-22 12:55:55 +02:00
Stefan Guilhen
cc65d5491d
Filter out expired entities in JpaMapKeycloakTransaction
...
Closes #12623
2022-06-22 11:35:50 +02:00
Alexander Schwartz
a5615ab438
Automatic profile activated when using JDK 9+ that sets the compiler's release flag that is not understood by JDK 8
...
Closes #12631
2022-06-22 08:50:10 +02:00
Václav Muzikář
2c1fc739f0
Explicitly set failIfNoSpecifiedTests
to false
2022-06-21 12:26:17 -03:00
rmartinc
711440e513
[ #11036 ] Identity Providers: Add support for elliptic curve signatures (ES256/ES384/ES512) using JWKS URL
2022-06-21 10:52:25 -03:00
Stefan Guilhen
7d96f3ad5a
Events Map JPA implementation
...
Closes #9667
2022-06-21 13:53:48 +02:00