libre.sh/keycloak-scim
2
0
Fork 0
Code Issues 14 Pull requests Releases Packages Activity Actions 6
14676 commits 4 branches 5 tags 480 MiB
Commit graph

14676 commits

This branch
This branch
All branches
Author SHA1 Message Date
Alexander Schwartz
9143d8bd0e Store composite roles within its own table for JPA Map storage. 
This keeps the JSON column small, enables searching by child, and allows modification of the role's children without loading all children.

Closes #11844
 2022-07-01 14:13:24 -03:00
Alexander Schwartz
d407a37ba3 Instead of returning instances with different semantics, throw an exception. 
This exception points the caller to the migration guide of Keycloak 19.

Closes #12556
 2022-07-01 14:12:39 -03:00
Alexander Schwartz
c02059e0e5 Building the test-jar as it is one of the dependencies of the keycloak-crypto-fips1402 module 
Also, ensure to run the workflow on changes to the workflow file.

Closes #12866
 2022-07-01 10:29:43 -03:00
Konstantinos Georgilakis
32f8f30f36 Include 'urn:ietf:params:oauth:grant-type:token-exchange' in grant_types_supported field of Keycloak OP metadata, if token-exchange is enabled 
closes #10888
 2022-06-30 17:13:47 -03:00
Dominik Guhr
1d6dde02e5 Add support and docs for centralized logging using gelf. 
* 99% 1:1 wrapper of the underlying quarkus gelf extension.
* excluded `filter-stack-trace` and `stack-trace-throwable-reference` options for now, as they are either undocumented on the quarkus side or not important imo.
* added docs and examples for Graylog and ELK stack
* NOT added an automated test, as this is really a 1:1 wrapper around the extension, Test setup would be cumbersome, test would take too much time and tests are done in quarkus itself.

Closes #12125
 2022-06-30 16:16:19 -03:00
Dominik Guhr
c19428aa81 introduce hidden transaction-jta-enabled config option 
Closes #12400
 2022-06-30 16:01:23 -03:00
Jon Koops
06d1b4faab Restore enum variant of ResourceType 
This reverts commit 3b5a578934.
 2022-06-30 12:20:51 -03:00
Pedro Igor
605b51890e Enables the new store and the concurrenthashmap provider 
Closes #12651
 2022-06-30 10:55:22 -03:00
Tero Saarni
3170efd3ad Removed unused imports with double semicolons 2022-06-30 09:34:30 -03:00
Michal Hajas
9b889b44b4 Make HotRod schema no-downtime upgradable 
- Split one schema into schema per area
- Check schema stored in the server and update it only when necessary

Closes #9113
 2022-06-29 20:57:19 +02:00
Alexander Schwartz
a191d7eb3c Moving CachedObject to the legacy modules 
Closes #12656
 2022-06-29 20:04:32 +02:00
Alexander Schwartz
b581c203e3 Moving ClientScopeStorageProviderModel to the legacy modules 
Closes #12656
 2022-06-29 20:04:32 +02:00
Alexander Schwartz
ddeab744d0 Moving RoleStorageProviderModel to the legacy modules 
Closes #12656
 2022-06-29 20:04:32 +02:00
Alexander Schwartz
05f8f3038f Moving GroupStorageProviderModel to the legacy modules 
Closes #12656
 2022-06-29 20:04:32 +02:00
Alexander Schwartz
692ce0cd91 Moving ClientStorageProvider to the legacy modules 
This prepares the move of CachedObject and CacheableStorageProviderModel

Closes #12531

fixup! Moving ClientStorageProvider to the legacy modules
 2022-06-29 20:04:32 +02:00
Alexander Schwartz
05dcc188bb Move over caching related interfaces to the legacy module 
Closes #12531
 2022-06-29 20:04:32 +02:00
vramik
3b5a578934 Change enum ResourceType to interface with String constants 
Closes #12485
 2022-06-29 13:35:11 +02:00
Lex Cao
c3c8b9f0c8
Add client_secret to response when token_endpoint_auth_method is not private_key_jwt (#12609) 
Closes #12565
 2022-06-29 10:19:18 +02:00
Clara Fang
4643fd09e3 Replace occurrences of getParameterTypes().length and getParameters().length with getParameterCount() 
This should reduce GC pressure.

Closes #12644
 2022-06-29 08:53:09 +02:00
Konstantinos Georgilakis
ccc0449314 json device code flow error responses 
closes #11438
 2022-06-29 07:23:02 +02:00
Marek Posolda
be1e31dc68
Introduce crypto/default module. Refactoring BouncyIntegration (#12692) 
Closes #12625
 2022-06-29 07:17:09 +02:00
vramik
91335ebaad Change returning type to Set in MapClientEntity when obtaining protocol mappers 
Closes #11136
 2022-06-28 21:47:56 +02:00
andreaTP
e3ece8244f From supported runtimes back to hidden 2022-06-28 11:33:44 -03:00
andreaTP
006aea300d A better structure for config-api 2022-06-28 11:33:44 -03:00
vramik
6335090092 Use JpaMapStorageProviderFactory for authorization services in model tests 
Closes #12743
 2022-06-28 15:01:49 +02:00
danielFesenmeyer
b6d8c27cac OIDC logout: In "legacy mode", support post_logout_redirect_uri param without requiring id_token_hint param 
Closes #12680
 2022-06-28 14:36:03 +02:00
Hynek Mlnarik
ffc1265e9a Fix typo in ci.yml 
Fixes: #12690
 2022-06-28 09:06:35 -03:00
Alexander Schwartz
4b499c869c Encapsulate MigrationModelManager in legacy module 
Closes #12214
 2022-06-28 10:53:04 +02:00
Andreas Rühl
99ca37bd27
german translation for reauthentication (#12770) 
Co-authored-by: Andreas Ruehl <ar@asuar.de>
 2022-06-27 16:19:55 -04:00
Andreas Rühl
5ee546a34c
hard code message localized (#12729) 
Co-authored-by: Andreas Ruehl <ar@asuar.de>
 2022-06-27 13:49:02 -04:00
Andreas Rühl
948aaac8cb
wrong terms replaced (#12772) 
Co-authored-by: Andreas Ruehl <ar@asuar.de>
 2022-06-27 13:42:00 -04:00
Michal Hajas
e0efdcae22 Make sure HotRod store does not return empty delegate 
Closes #12304
 2022-06-27 15:10:18 +02:00
Pedro Igor
c972ec4383 Allow to conditionally bootstrap the default persistence unit 
Closes #12662
 2022-06-27 08:26:37 -03:00
leandrobortoli
c5d5659100 Fixed bug on client credentials grant when encryption key not found 
Closes #12348
 2022-06-27 13:00:21 +02:00
Lex Cao
f8a7c8e160
Validate name of client scope (#12571) 
Closes #12553
 2022-06-27 12:26:18 +02:00
vramik
c058983655 Enable optimistic locking feature on auth sessions 
Closes #12242
 2022-06-27 09:29:27 +02:00
Andreas Rühl
e19899d496
missing translations added (#12660) 
Co-authored-by: Andreas Ruehl <ar@asuar.de>
 2022-06-24 15:06:27 -04:00
Pedro Igor
3d2c3fbc6a Support JSON objects when evaluating claims in regex policy 
Closes #11514
 2022-06-23 14:04:09 -03:00
Pedro Igor
c95ecd9e88 More information in the proxy guide about exposing the administration console 
Closes #12450
 2022-06-23 10:36:19 -03:00
Pedro Igor
d3a40e8620 Use backend baseURL for UMA-related backend endpoints 
Closes #12549
 2022-06-23 10:35:26 -03:00
Patrick Jennings
d048bf22fb Do not try to delete from related federated user tables when deleting a service account linked user. 2022-06-22 22:52:16 +02:00
Pedro Igor
95528e77bb
Fixing env vars precedence over conf file (#12638) 
Closes #12413
 2022-06-22 15:13:58 +02:00
dependabot[bot]
12093753e9 Bump aquasecurity/trivy-action from 0.3.0 to 0.4.1 
Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) from 0.3.0 to 0.4.1.
- [Release notes](https://github.com/aquasecurity/trivy-action/releases)
- [Commits](4b9b6fb4ef...49e970d7ac)

---
updated-dependencies:
- dependency-name: aquasecurity/trivy-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-06-22 10:07:16 -03:00
Takashi Norimatsu
a10eef882f DeviceTokenRequestContext.getEvent returns a wrong ClientPolicyEvent 
Closes #12455
 2022-06-22 13:01:35 +02:00
Takashi Norimatsu
d396ee7d30 CIBA flow : no error on invalid scope 
Closes #12589
 2022-06-22 12:55:55 +02:00
Stefan Guilhen
cc65d5491d Filter out expired entities in JpaMapKeycloakTransaction 
Closes #12623
 2022-06-22 11:35:50 +02:00
Alexander Schwartz
a5615ab438 Automatic profile activated when using JDK 9+ that sets the compiler's release flag that is not understood by JDK 8 
Closes #12631
 2022-06-22 08:50:10 +02:00
Václav Muzikář
2c1fc739f0 Explicitly set failIfNoSpecifiedTests to false 2022-06-21 12:26:17 -03:00
rmartinc
711440e513 [#11036] Identity Providers: Add support for elliptic curve signatures (ES256/ES384/ES512) using JWKS URL 2022-06-21 10:52:25 -03:00
Stefan Guilhen
7d96f3ad5a Events Map JPA implementation 
Closes #9667
 2022-06-21 13:53:48 +02:00