danielFesenmeyer
d543ba5b56
Consistent message resolving regarding language fallbacks for all themes
...
- the prio of messages is now as follows for all themes (RL = realm localization, T = Theme i18n files): RL <variant> > T <variant> > RL <region> > T <region> > RL <language> > T <language> > RL en > T en
- centralize the message resolving logic in helper methods in LocaleUtil and use it for all themes, add unit tests in LocaleUtilTest
- add basic integration tests to check whether realm localization can be used in all supported contexts:
- Account UI V2: org.keycloak.testsuite.ui.account2.InternationalizationTest
- Login theme: LoginPageTest
- Email theme: EmailTest
- deprecate the param useRealmDefaultLocaleFallback=true of endpoint /admin/realms/{realm}/localization/{locale}, because it does not resolve fallbacks as expected and is no longer used in admin-ui v2
- fix locale selection in DefaultLocaleSelectorProvider that a supported region (like "de-CH") will no longer selected instead of a supported language (like "de"), when just the language is requested, add corresponding unit tests
- improvements regarding message resolving in Admin UI V2:
- add cypress test i18n_test.spec.ts, which checks the fallback implementation
- log a warning instead of an error, when messages for some languages/namespaces cannot be loaded (the page will probably work with fallbacks in that case)
Closes #15845
2023-05-17 15:00:32 +02:00
Dominik Schlosser
8c58f39a49
Updates Datastore provider to contain full data model
...
Closes #15490
2023-05-16 15:05:10 +02:00
Takashi Norimatsu
7f5e94db87
KEYCLOAK-19539 FAPI 2.0 Baseline : Reject Implicit Grant
2023-05-16 14:17:29 +02:00
Hynek Mlnařík
edb292664c
File store freeze
...
* File store: Fix ID determination
* Forbid changing ID (other setters)
* Improve handling of null values
* Support convertible keys in maps
* Fix writing empty values
* Fix updated flag
* Proceed if an object has been deleted in the same tx
* Fix condition
Co-authored-by: Michal Hajas <mhajas@redhat.com>
---------
Co-authored-by: Michal Hajas <mhajas@redhat.com>
2023-05-16 12:03:59 +02:00
Alexander Schwartz
8cfe8b1411
Update the docs on passthrough proxy ( #20072 )
...
Closes #20070
2023-05-15 15:44:47 +00:00
Miquel Simon
e959e20e1a
Upgrade tested DB versions
2023-05-15 12:36:27 -03:00
Martin Bartoš
a68aadd9d0
Conditionally build WildFly adapters for our testsuite
...
Fixes #20077
Revert once https://github.com/keycloak/keycloak/issues/19299 is solved
2023-05-15 14:58:49 +02:00
Miquel Simon
90bc5835ea
Due to a bug in chromedriver version < 113.0.5672.92, temporarily ignoring some tests. ( #20347 )
2023-05-15 14:40:08 +02:00
rmartinc
025778fe9c
SSSD User Federation integration for quarkus distribution
...
Closes https://github.com/keycloak/keycloak/issues/16165
2023-05-09 11:32:52 +02:00
Jon Koops
6f4b9885ca
Use Chrome as the default JavaScript browser ( #14702 )
2023-05-08 08:40:27 +02:00
Martin Bartoš
960e3503ec
Artifact SLF4J LOG4J-12 has been relocated ( #20113 )
2023-05-05 13:57:45 +02:00
vramik
d1ab921c50
JpaUserProvider count methods are inconsistent with searchForUser's param filter handling
...
Closes #17581
2023-05-05 08:22:05 +02:00
rmartinc
d9025db536
Migrate realms if configured to use RH-SSO themes
...
Closes https://github.com/keycloak/keycloak/issues/17484
2023-05-02 15:38:33 +02:00
Martin Bartoš
3f6925143a
Support JavaEE for Admin client ( #19988 )
2023-04-28 16:35:31 +02:00
Martin Bartoš
b87b70a35d
Ignore particular legacy clustering tests
...
Revert once https://github.com/keycloak/keycloak/issues/19834 issue is resolved
2023-04-27 13:36:54 +02:00
Martin Bartoš
79178b5a23
Use WildFly as the default app server
2023-04-27 13:36:54 +02:00
Martin Bartoš
9d40f77746
Ignore DemoFilterServletAdapterTestForCustomizedIdMapper test
...
Revert once https://github.com/keycloak/keycloak/issues/19809 issue is resolved
2023-04-27 13:36:54 +02:00
Martin Bartoš
b96328868c
Fix for Java distribution tests and JDK 17+
2023-04-27 13:36:54 +02:00
Martin Bartoš
60fd7e63d9
Fix OfflineServletsAdapterTest
2023-04-27 13:36:54 +02:00
Martin Bartoš
8d5a4f2677
Fix FIPS tests
2023-04-27 13:36:54 +02:00
Martin Bartoš
c1cced9f31
Fix CorsExampleAdapterTest
...
---
Quarkus3 branch sync no. 14 (24.4.2023)
Resolved conflicts:
keycloak/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/adapter/example/cors/CorsExampleAdapterTest.java - Modified
2023-04-27 13:36:54 +02:00
Peter Zaoral
72663060c9
Quarkus3 branch sync no. 13
...
11.4.2023:
* renamed imports from javax to jakarta as a part of the migration from JavaEE to JakartaEE
Signed-off-by: Peter Zaoral <pzaoral@redhat.com>
2023-04-27 13:36:54 +02:00
Martin Bartoš
5b7e9a2603
Remove WF dependencies, add Jakarta SOAP, fix tests
...
---
Quarkus3 branch sync no. 13 (11.4.2023)
Resolved conflicts:
IdeaProjects/keycloak/quarkus/pom.xml - Modified
IdeaProjects/keycloak/quarkus/runtime/pom.xml - Modified
2023-04-27 13:36:54 +02:00
Martin Bartoš
8fb7fb0de9
Integrate Quarkus 3.0.0.Alpha6
...
---
Quarkus3 branch sync no. 14 (24.4.2023)
Resolved conflicts:
keycloak/pom.xml - Modified
2023-04-27 13:36:54 +02:00
Martin Bartoš
bc43e4f435
Integrate Jakarta Mail API 2.1.0
2023-04-27 13:36:54 +02:00
Martin Bartoš
de663dbf93
Quarkus3 branch sync no. 9
...
10.3.2023:
* renamed imports from javax to jakarta as a part of the migration from JavaEE to JakartaEE
* changed version from 999-SNAPSHOT to 999.0.0-SNAPSHOT
2023-04-27 13:36:54 +02:00
Martin Bartoš
952faed4c9
Run Adapter tests with JavaEE support
...
---
Quarkus3 branch sync no. 9 (10.3.2023)
Resolved conflicts:
keycloak/.github/actions/build-keycloak/action.yml - Modified
2023-04-27 13:36:54 +02:00
Peter Zaoral
0b4f40f89b
Quarkus3 branch sync no. 8
...
3.3.2023:
* renamed imports from javax to jakarta as a part of the migration from JavaEE to JakartaEE
Signed-off-by: Peter Zaoral <pzaoral@redhat.com>
2023-04-27 13:36:54 +02:00
Martin Bartoš
abf765185d
Fix WebAuthn tests
2023-04-27 13:36:54 +02:00
Martin Bartoš
64738ea708
Fix issues with JakartaEE Mail dependencies
...
This reverts commit da4644844ed88818c05d777460624403326ab01c
---
Quarkus3 branch sync no. 12 (31.3.2023)
Resolved conflicts:
keycloak/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/sessionlimits/UserSessionLimitsTest.java - Modified
2023-04-27 13:36:54 +02:00
Peter Zaoral
5ebe4ca7c8
Quarkus3 branch sync no. 6
...
17.2.2023:
* renamed imports from javax to jakarta as a part of the migration from JavaEE to JakartaEE
Signed-off-by: Peter Zaoral <pzaoral@redhat.com>
2023-04-27 13:36:54 +02:00
Peter Zaoral
946eacd5b6
Quarkus3 branch sync no. 5
...
10.2.2023:
* renamed imports from javax to jakarta as a part of the migration from JavaEE to JakartaEE
* fixed Undertow server not starting due to ClassNotFoundException: javax.transaction.TransactionManager
Signed-off-by: Peter Zaoral <pzaoral@redhat.com>
2023-04-27 13:36:54 +02:00
Martin Bartoš
2cb7c9f5ec
Fix account console tests
2023-04-27 13:36:54 +02:00
Stefan Guilhen
3409a0c840
Fixes SAML tests in testsuite
...
- adds dependency to saaj-impl in saml core public
- updates test apps' web.xml files to use jakarta namespaces
- small cleanup in main pom
- changes order of e-mail servers in testsuite pom to enforce usage of greenmail (changes order in Undertow's classpath)
Closes #16711
2023-04-27 13:36:54 +02:00
Alexander Schwartz
4bdf2fe21d
Fixing parameter which should be a string plus dependencies
...
Closes #16649
2023-04-27 13:36:54 +02:00
Peter Zaoral
028c3dd26e
uarkus3 branch sync no. 13 (11.4.2023)
...
Resolved conflicts:
keycloak/testsuite/model/src/test/java/org/keycloak/testsuite/model/transaction/StorageTransactionTest.java - Modified
---
27.1.2023:
* renamed imports from javax to jakarta as a part of the migration from JavaEE to JakartaEE
Signed-off-by: Peter Zaoral <pzaoral@redhat.com>
2023-04-27 13:36:54 +02:00
vramik
fa3ba6331e
Remove JsonbPostgreSQL95Dialect from keycloak-server.json from testsuite utils
...
Fixes #16336
2023-04-27 13:36:54 +02:00
Martin Bartoš
b1da7bd613
Revert Mail API
...
---
Quarkus3 branch sync no. 13 (11.4.2023)
Resolved conflicts:
keycloak/quarkus/pom.xml - Modified
---
Quarkus3 branch sync no. 12 (31.3.2023)
Resolved conflicts:
keycloak/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/sessionlimits/UserSessionLimitsTest.java - Modified
2023-04-27 13:36:54 +02:00
Martin Bartoš
1f126647fe
Update dependencies
2023-04-27 13:36:54 +02:00
Martin Bartoš
c0b82ae72b
Upgrade Arquillian Undertow embedded
2023-04-27 13:36:54 +02:00
Hynek Mlnarik
4189edc9f1
Fix dependency
...
Fixes : #16538
2023-04-27 13:36:54 +02:00
vramik
60e6fb9dae
Register custom functions FunctionContributor
...
Closes #16336
---
Quarkus3 branch sync no. 6 (17.2.2023)
Resolved conflicts:
keycloak/testsuite/model/src/test/java/org/keycloak/testsuite/model/parameters/JpaMapStorage.java - Modified
keycloak/testsuite/model/src/test/java/org/keycloak/testsuite/model/parameters/JpaMapStorageCockroachdb.java - Modified
keycloak/model/map-jpa/src/main/java/org/keycloak/models/map/storage/jpa/JpaMapStorageProviderFactory.java - Modified
---
Quarkus3 branch sync no. 3 (27.1.2023)
Resolved conflicts:
keycloak/testsuite/model/src/test/java/org/keycloak/testsuite/model/parameters/JpaMapStorage.java - Modified
keycloak/testsuite/model/src/test/java/org/keycloak/testsuite/model/parameters/JpaMapStorageCockroachdb.java - Modified
2023-04-27 13:36:54 +02:00
Peter Zaoral
4ff2de7f46
Quarkus3 branch sync
...
18.1.2023:
* applied Quarkus 3 OpenRewrite recipe
* fixed the parts that were missed by the script
Signed-off-by: Peter Zaoral <pzaoral@redhat.com>
2023-04-27 13:36:54 +02:00
Martin Bartoš
77a494d3be
Undertow JakartaEE adapter in the testsuite
2023-04-27 13:36:54 +02:00
Martin Bartoš
124591ce1a
Adapters can still use Java EE
...
- Provided all JavaEE dependencies for adapters
- Automatically build Undertow Jakarta EE for testsuite (missing SAML)
---
Quarkus3 branch sync no. 11 (24.3.2023)
Resolved conflicts:
keycloak/adapters/oidc/spring-security/pom.xml - Modified
---
Quarkus3 branch sync no. 7 (27.2.2023)
Resolved conflicts:
keycloak/pom.xml - Modified
---
Quarkus3 branch sync no. 5 (10.2.2023)
Resolved conflicts:
keycloak/testsuite/integration-arquillian/servers/auth-server/services/testsuite-providers/pom.xml - Modified
---
Quarkus3 branch sync no. 1 (18.1.2023)
Resolved conflicts:
keycloak/testsuite/integration-arquillian/tests/base/pom.xml - Modified
2023-04-27 13:36:54 +02:00
Stefan Guilhen
ab6ca6e63d
Enable KeycloakServer again by re-enabling undertow adapters
...
---
Quarkus3 branch sync #2 (20.1.2023)
Resolved conflicts:
keycloak/testsuite/utils/pom.xml - Modified
2023-04-27 13:36:54 +02:00
Martin Bartoš
40c38e0133
Fix dependencies in testsuite, adapters and Quarkus module
...
---
Quarkus3 branch sync no. 11 (24.3.2023)
Resolved conflicts:
keycloak/adapters/oidc/spring-security/pom.xml - Modified
2023-04-27 13:36:54 +02:00
Stefan Guilhen
384d7c17f7
- Fix issues in legacy store
...
- Testsuite (switch undertow-embedded.version)
2023-04-27 13:36:54 +02:00
Martin Bartoš
6118e5cfb7
Use JakartaEE dependencies
...
---
Quarkus3 branch sync no. 14 (24.4.2023)
Resolved conflicts:
keycloak/pom.xml - Modified
---
Quarkus3 branch sync no. 5 (10.2.2023)
Resolved conflicts:
keycloak/pom.xml - Modified
2023-04-27 13:36:54 +02:00
Martin Bartoš
7cff857238
Migrate packages from javax.* to jakarta.*
...
---
Quarkus3 branch sync no. 14 (24.4.2023)
Resolved conflicts:
keycloak/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/storage/ComponentExportImportTest.java - Modified
keycloak/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/DeclarativeUserTest.java - Modified
keycloak/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/storage/FederatedStorageExportImportTest.java - Modified
keycloak/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/authentication/FlowTest.java - Modified
keycloak/services/src/main/java/org/keycloak/services/resources/admin/UserResource.java - Modified
---
Quarkus3 branch sync no. 13 (11.4.2023)
Resolved conflicts:
keycloak/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/pages/AccountTotpPage.java - Deleted
keycloak/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/storage/BackwardsCompatibilityUserStorageTest.java - Modified
---
Quarkus3 branch sync no. 12 (31.3.2023)
Resolved conflicts:
keycloak/quarkus/runtime/src/main/java/org/keycloak/quarkus/runtime/services/resources/QuarkusWelcomeResource.java - Modified
keycloak/services/src/main/java/org/keycloak/protocol/saml/profile/util/Soap.java - Modified
keycloak/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/util/UserInfoClientUtil.java - Modified
keycloak/services/src/main/java/org/keycloak/protocol/oidc/endpoints/UserInfoEndpoint.java - Modified
keycloak/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/sessionlimits/UserSessionLimitsTest.java - Modified
---
Quarkus3 branch sync no. 10 (17.3.2023)
Resolved conflicts:
keycloak/services/src/main/java/org/keycloak/protocol/saml/SamlProtocolUtils.java - Modified
---
Quarkus3 branch sync no. 9 (10.3.2023)
Resolved conflicts:
keycloak/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/kerberos/AbstractKerberosSingleRealmTest.java - Modified
keycloak/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/forms/LoginTest.java - Modified
---
Quarkus3 branch sync no. 8 (3.3.2023)
Resolved conflicts:
keycloak/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/util/SamlClient.java Modified - Modified
keycloak/services/src/main/java/org/keycloak/protocol/saml/SamlProtocol.java - Modified
keycloak/examples/providers/authenticator/src/main/java/org/keycloak/examples/authenticator/SecretQuestionAuthenticator.java - Modified
---
Quarkus3 branch sync no. 6 (17.2.2023)
Resolved conflicts:
keycloak/integration/admin-client/src/main/java/org/keycloak/admin/client/resource/ComponentsResource.java - Modified
keycloak/testsuite/utils/src/main/java/org/keycloak/testsuite/KeycloakServer.java - Modified
keycloak/services/src/main/java/org/keycloak/protocol/saml/installation/SamlSPDescriptorClientInstallation.java - Modified
---
Quarkus3 branch sync no. 5 (10.2.2023)
Resolved conflicts:
/keycloak/services/src/main/java/org/keycloak/social/google/GoogleIdentityProvider.java Modified - Modified
keycloak/services/src/main/java/org/keycloak/social/twitter/TwitterIdentityProvider.java - Modified
---
Quarkus3 branch sync no. 4 (3.2.2023)
Resolved conflicts:
keycloak/quarkus/runtime/src/main/java/org/keycloak/quarkus/runtime/integration/jaxrs/QuarkusKeycloakApplication.java - Modified
---
Quarkus3 branch sync no. 1 (18.1.2023)
Resolved conflicts:
keycloak/testsuite/client/ClientPoliciesTest.java - Deleted
keycloak/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/client/ClientRegistrationTest.java - Modified
keycloak/model/map-jpa/src/main/java/org/keycloak/models/map/storage/jpa/JpaModelCriteriaBuilder.java - Modified
2023-04-27 13:36:54 +02:00
Hynek Mlnarik
d7d50634b3
Do not impose assumptions on ID format
...
Closes : #19814
2023-04-26 15:37:50 +02:00
Hynek Mlnarik
80ba42a0b4
Tests: Determine IDs from Keycloak
...
Instead of assuming that the ID of created objects is honored,
the tests are rewritten in the way which obtains the ID from
the created objects. This is to account for storages where
ID is not necessarily an UUID and cannot be thus prescribed.
Closes : #19814
2023-04-26 15:37:50 +02:00
rmartinc
04ac3a64ee
Adding support for rsa-oaep for SAML encryption
...
Closes https://github.com/keycloak/keycloak/issues/19689
2023-04-26 10:46:10 +02:00
mposolda
a3f2ebb193
Ability to override default/built-in providers with same providerId. Using ProviderFactory.order() for choosing priority providers
...
Closes #19867
2023-04-25 18:04:58 +02:00
Peter Zaoral
78958ae434
Fix Base Testsuite timeouts on Windows
2023-04-25 16:01:08 +02:00
Lukas Hanusovsky
30d976d64c
RequiredActionEmailVerificationTest - old account console dependencies removed. ( #19843 )
...
Closes #19668
2023-04-25 08:19:43 +02:00
Hynek Mlnarik
3161c4424c
Fix export / import tests relict
...
Closes : #19812
2023-04-19 22:17:49 +02:00
Hynek Mlnarik
0ddc71d987
Properly encode id in URL
...
Closes : #19816
2023-04-19 15:10:04 -03:00
rmartinc
8e55a63f31
Do not allow add sub-flow to built-in workflow
...
Closes https://github.com/keycloak/keycloak/issues/15536
2023-04-19 11:12:49 +02:00
rmartinc
f051a0cdb3
Improve SessionCodeChecks to detect better the ALREADY_LOGGED_IN situation
...
Closes https://github.com/keycloak/keycloak/issues/19677
2023-04-18 10:35:47 -03:00
Lukas Hanusovsky
4a8510f7d9
Stop disabling Account Console v2 for tests that run fine ( #19728 )
...
Works towards closing #19668
2023-04-17 16:26:32 -03:00
Marek Posolda
8d01109158
Invalid parameter redirect_uri when using an invalid client_id ( #19731 )
...
closes #19662
2023-04-17 15:12:59 +02:00
Hynek Mlnarik
21510dff0c
Add FILE constant to StoreProvider
2023-04-17 08:29:49 +02:00
mposolda
1cbdf4d17e
Fix the issue with LDAP connectionUrl containing multiple hosts
...
Closes #17359
2023-04-16 17:41:22 +02:00
Alexander Schwartz
d7c3678096
Add missing UI dependencies for interactive tests ( #19736 )
...
Closes #19735
2023-04-15 16:58:55 -04:00
danielFesenmeyer
5554c62bea
Change locale of user profile validation message to be resolved from authenticated user instead of validated user
...
Closes #19707
2023-04-14 11:51:15 -03:00
Stian Thorgersen
f4cabea08c
Make sure the code is bound to the user session ( #18 ) ( #17380 ) ( #17389 )
...
Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>
2023-04-14 14:42:12 +02:00
Lukas Hanusovsky
556758943f
Old Account Console removal - cleanup imports ( #19700 )
...
Part of #19668
2023-04-13 14:57:28 +00:00
Jon Koops
a2eb619e0e
Include Account Console version 3 as a theme ( #19641 )
2023-04-13 09:41:40 -04:00
Vladislav Plemyannik
ca9c6dddc1
Fix of ant configure.xml to be able to build integration-arquillian-servers-auth-server-quarkus module on Windows
...
Closes #19591
2023-04-13 09:24:53 -03:00
vramik
2b890eb79d
Zero downtime smoke tests
...
Closes #16481
2023-04-12 11:24:35 +02:00
Michal Hajas
b730d861e7
Refactor map storage transaction initialization
...
* Refactor transaction to be enlisted in MapStorageProvider instead of area provider
* Make KeycloakTransaction methods optional for MapKeycloakTransaction
* Remove MapStorage interface that contained only createTransaction method
* Rename *MapStorage to *CrudOperations
* Adjust File store to new structure
* Rename MapKeycloakTransaction to MapStorage
* Rename getEnlistedTransaction to getMapStorage in AbstractMapProviderFactory
* Rename variables tx and transaction to store
* Add createMapStorageIfAbsent to JpaMapStorageProvider
* Update JavaDoc
Co-authored-by: Hynek Mlnarik <hmlnarik@redhat.com>
2023-04-12 11:21:14 +02:00
Pedro Igor
83676bf927
Extract JUnit5 support in the distributoin testsuite to a separate module
...
Closes #19552
2023-04-11 10:48:56 +02:00
Martin Kanis
37af5fbffe
Introduce optimistic locking for HotRod storage
...
Closes #15402
2023-04-11 09:33:01 +02:00
Lukas Hanusovsky
9bb18400ad
Remove AccountTotpPage from the testsuite ( #17657 )
...
Closes #15201
2023-04-06 11:49:29 +02:00
fwojnar
f55794f8bf
Removes AccountApplicationsPage ( #17651 )
...
Closes #15198
Co-authored-by: wojnarfilip <fwojnar@redhat.com>
2023-04-05 16:54:16 +02:00
mposolda
c6f13363b9
Add nashorn javascript engine to Keycloak server
...
closes #17671
2023-04-04 14:56:46 +02:00
rmartinc
99330dbb6d
Manage JsonProcessingException to not return error 500 when json data is wrong
...
Closes https://github.com/keycloak/keycloak/issues/11517
2023-04-03 18:07:34 +02:00
mposolda
4d8d6f8cd8
Preserve authentication flow IDs after import
...
closes #9564
2023-04-03 16:01:52 +02:00
Jon Koops
bdc019b02c
Fully deprecate function-style constructor for Keycloak JS ( #19438 )
2023-04-03 14:45:55 +02:00
Hynek Mlnarik
85c0b47c31
Fix ClientPoliciesExtendedEventTest
...
Closes : #19487
2023-04-03 14:43:50 +02:00
Hynek Mlnarik
0d5363d0d5
Throw an exception rather than returning response
...
Closes : #17644
2023-04-03 14:43:50 +02:00
Alexander Schwartz
d210980988
Close factory when creation fails
...
Closes #16671
2023-03-31 10:19:29 +02:00
Pedro Igor
6086201fe0
Do not verify identity cookie when processing required actions
...
Closes #17539
2023-03-31 09:56:27 +02:00
rmartinc
89dfeeec38
The getAttributes method in UserAttributeLDAPStorageMapper does not work for email or other UserModel properties
...
Closes https://github.com/keycloak/keycloak/issues/10412
2023-03-30 21:45:07 +02:00
mposolda
709c6b5a47
Regressions in redirect URL verification when redirect_uri has encoded path or default port
...
closes #16851
closes #16587
2023-03-30 14:20:10 +02:00
Pedro Igor
48082d08ec
Email visible on registration page when edit username is not allowed
...
Closes #17439
2023-03-30 08:11:30 +02:00
Douglas Palmer
ff27f6c77c
Fix SSSDTest
...
closes #19397
2023-03-29 21:54:00 +02:00
Jon Koops
8f627517cb
Remove legacy Promise APIs from Keycloak JS ( #19389 )
2023-03-29 16:29:27 +00:00
Michal Hajas
e49dfe534e
Fix missing migration when reading TERMS_AND_CONDITIONS required action in legacy store
...
Closes #17277
2023-03-29 16:43:01 +02:00
Daniel Kobras
a45b5dcd90
Prefer cert over pubkey in SAML metadata
...
If SAML key material was given as a certificate, consistently
expose the certificate rather than just the public key when
presenting SAML metadata info. This change ensures that the
client obtains sufficient information (eg. issuer) to close
the trust chain.
Closes : #17549
Signed-off-by: Daniel Kobras <kobras@puzzle-itc.de>
2023-03-29 11:17:24 +02:00
Marek Posolda
032ece9f7b
Clarify user session limits documentation and test SSO scenario ( #19372 )
...
Closes #17374
Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
2023-03-29 10:08:45 +02:00
rmartinc
2bb9de1a8c
Allow application/jwt media type for userinfo endpoint
...
Closes: https://github.com/keycloak/keycloak/issues/19346
2023-03-28 08:47:35 -03:00
Michal Hajas
beca22311b
Add RefreshTokenTest to database suite so it can catch some expiration issues similar to #17570
2023-03-28 08:32:31 +02:00
Michal Hajas
2a5b5c4a40
Fix stale client session is present in user session
...
Closes #17570
2023-03-28 08:32:31 +02:00
Pedro Igor
a9c605750d
Returning email as username setting for admins
...
Fixes #17591
2023-03-27 16:33:44 -03:00
Alexander Schwartz
251f6151e8
Rework the Import SPI to be configurable via the Config API
...
Also rework the export/import CLI for Quarkus, so that runtime options are available.
Closes #17663
2023-03-24 15:28:55 -03:00
Pedro Hos
bd0a23a865
/users/count endpoint with search field has different behavior than /users query endpoint #17620
...
closes #17620
2023-03-24 13:43:47 +01:00
Klajdi Paja
cf61a65198
Return a user friendly message when a group name already exists on the same level.
...
Closes #16888
2023-03-24 08:13:49 +01:00
rmartinc
8bc5273792
EAP7 and wildfly adapter tests fixes. Execute enable-elytron-se17.cli for EAP7 and JDK-17.
...
Closes https://github.com/keycloak/keycloak/issues/19273
2023-03-23 17:02:39 -03:00
Ayrat Hudaygulov
f578f91a0b
Fix ID token not being sent after expiration for OIDC logout
...
Closes #10164
2023-03-23 13:01:02 +01:00
Hiroyuki Wada
46eb2e1b84
Fix attribute deleted from LDAP is not immediately reflected even if it is "Always Read Value From LDAP"
2023-03-21 10:28:41 +01:00
Ricardo Martin
1a622e707f
Flaky tests org.keycloak.testsuite.federation.sync.SyncFederationTest ( #19095 )
...
Closes: https://github.com/keycloak/keycloak/issues/17430
Closes: https://github.com/keycloak/keycloak/issues/17431
2023-03-21 08:30:42 +01:00
Alexander Schwartz
513bb809f3
Add a map storage global locking implementation for JPA
...
Closes #14734
2023-03-21 08:21:11 +01:00
rmartinc
bef0a4a6f1
Check frontendUrl in the hostname providers
...
Closes https://github.com/keycloak/keycloak/issues/17686
2023-03-20 18:54:58 -03:00
Miquel Simon
80d3cc5dea
Added option for Chrome driver needed for version >= 111.
...
Closes #19137
2023-03-20 13:09:23 +01:00
Pedro Igor
a30b6842a6
Decouple the policy enforcer from adapters and provide a separate library
...
Closes keycloak#17353
2023-03-17 11:40:51 +01:00
rmartinc
cab7e50410
Better handling for SAML signatures in POST and REDIRECT bindings
...
Closes https://github.com/keycloak/keycloak/issues/17456
2023-03-15 09:06:59 -03:00
Martin Kanis
5e7793b64d
Unexpected invalid_grant error on offline session refresh when client session is not in the cache
...
Closes #9959
Co-authored-by: Martin Kanis <mkanis@redhat.com>
Co-authored-by: Lex Cao <lexcao@foxmail.com>
2023-03-15 12:39:43 +01:00
Jon Koops
96aa4b3394
Add Maven build for the Admin UI ( #17552 )
2023-03-13 18:16:12 +00:00
Hynek Mlnarik
fe5d89295f
Fix client (scope) model test placement
...
Fixes : #17212
2023-03-13 14:35:14 +01:00
Pedro Igor
af475ffe23
Fixing classloading issue due to the curated application being eagerly closed
2023-03-13 09:34:49 +01:00
Alexander Schwartz
0b2802fa18
Fixing compile time warnings
...
Avoiding calling deprecated methods, and adding compile time dependencies for annotations.
Closes #17499
2023-03-09 15:42:55 +01:00
vramik
31e4c5cb7e
Add storage-jpa-db
property into Quarkus. Distinguish postgres and crdb for jpa map store.
...
Closes #17305
2023-03-09 11:09:56 +01:00
Tero Saarni
9052ec2b02
Add admin events for realm create/delete. ( #10831 )
...
Closes #10733
2023-03-07 15:57:06 +01:00
Simon Levermann
96c1cf3c49
Allow mapping of UserSessionNotes into UserInfo
...
Fixes #15369
2023-03-07 15:25:14 +01:00
rmartinc
a56b38c5a6
Don't remove session and don't reset restart cookie if passive check error
...
Closes https://github.com/keycloak/keycloak/issues/11340
2023-03-07 15:10:09 +01:00
rmartinc
06ff8b016c
Don't set REMEMBER_ME if it's disabled at realm level
...
Closes https://github.com/keycloak/keycloak/issues/11330
2023-03-07 15:01:58 +01:00
Michal Hajas
837c64de3d
Add support for pessimistic locking to HotRod
...
Closes #13273
2023-03-07 10:44:31 +01:00
Alexander Schwartz
f6f179eaca
Rework the export to use CLI options and property mappers
...
Also, adding the wiring to support Model tests for the export.
Closes #13613
2023-03-07 08:22:12 +01:00
mposolda
a0192d61cc
Redirect loop with authentication success but access denied at default identity provider
...
closes #17441
2023-03-06 10:45:01 +01:00
Michal Hajas
465019bec4
Extract attachDevice outside of storage layer
...
Closes #17336
2023-03-03 17:58:34 +01:00
Zakaria Amine
fb5a7f654b
trigger IDENTITY_PROVIDER_FIRST_LOGIN (and UPDATE_PROFILE ) event when identity provider flow succeeds ( #15100 )
...
closes #15098
2023-03-03 17:49:27 +01:00
Jon Koops
6d2e57f93a
Move Keycloak JS into the NPM workspace ( #17401 )
2023-03-03 13:56:53 +01:00
Jon Koops
972ebb9650
Use a valid SemVer format for the SNAPSHOT version ( #17334 )
...
* Use a valid SemVer format for the SNAPSHOT version
* Update pom.xml
* Update pom.xml
---------
Co-authored-by: Stian Thorgersen <stianst@gmail.com>
Co-authored-by: Stian Thorgersen <stian@redhat.com>
2023-03-03 11:11:44 +01:00
Alexander Schwartz
95a6effcef
Increase memory for the model tests to avoid an OOM error
...
Closes #17427
2023-03-03 10:55:03 +01:00
Alexander Schwartz
1e4401f521
Avoid returning the same entity multiple times from separate searches
...
Closes #15604
2023-03-02 08:21:38 +01:00
mposolda
b28bde542f
referrer_url is not correctly computed in account console
...
closes #16484
2023-03-01 20:49:15 +01:00
Marek Posolda
59f4fe1c60
NPE on Theme after upgrade to 21 when parent or import theme not exists ( #17350 )
...
* NPE on Theme after upgrade to 21 when parent or import theme not exists
closes #17313
* Update per review
2023-03-01 15:46:37 +00:00
Michal Hajas
e02c95f9d3
Fix testReleaseAllLocksMethod timing out intermittently
...
Closes #17337
2023-03-01 14:55:50 +01:00
rmartinc
5cdf4d5791
Read-Only attributes should be modified if creation is delayed for LDAP
...
Closes https://github.com/keycloak/keycloak/issues/16848
2023-03-01 11:26:57 +01:00
Michal Hajas
7899c6c80a
Make DeviceRepresentationProvider available for all model test profiles
...
Closes #17329
2023-02-28 14:55:48 +01:00
Pedro Igor
fbf5541802
Remove duplicated set-cookie header from response when expiring cookies
...
Closes #17192
2023-02-27 14:17:27 -03:00
lpa
3cd413dee1
SOAP backchannel logout for SAML protocol
...
Closes #16293
2023-02-27 14:24:12 +01:00
rmartinc
38a46726e4
Implement UserInfoTokenMapper in HardcodedRole and RoleNameMapper mappers
...
Closes https://github.com/keycloak/keycloak/issues/15624
2023-02-27 10:14:48 -03:00
Miquel Simon
923a321a55
Run WebAuthn IT with Chrome. ( #17256 )
2023-02-23 20:58:13 +00:00
Václav Muzikář
557a22968c
Stabilize Account Console UI tests ( #17243 )
...
Closes #17178
Closes #17102
Closes #17070
Closes #17045
Closes #17044
Closes #16875
Closes #16870
Closes #16715
Closes #16670
Closes #16646
Closes #16627
Closes #16620
2023-02-23 12:35:08 +01:00
Marek Posolda
b9ab942ef8
FIPS related docs ( #17196 )
...
* FIPS related docs
Closes #16444 #12432 #12429
Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
2023-02-22 12:47:15 +01:00
rmartinc
f91ac2970d
Polish fips-mode switch for preview ( #17228 )
...
* Polish fips-mode switch for preview
Closes #17208 #17210
Co-authored-by: mposolda <mposolda@gmail.com>
2023-02-22 12:12:52 +01:00
mposolda
5ac8f7c1ef
Link 'Sign out' incorrectly hardcoded to localhost in the authz example applications
...
closes #17216
2023-02-21 15:49:20 +01:00
Douglas Palmer
1d75000a0e
Create an SPI for DeviceActivityManager
...
closes #17134
2023-02-20 09:29:11 +01:00
drohwer89
4ff180da64
Terminating all sessions above the session limit ( #16068 )
...
Adjusts implementation of UserSessionLimitsAuthenticator to terminate all sessions above the session limit.
Closes #14689
Co-authored-by: Marek Posolda <mposolda@gmail.com>
2023-02-16 17:56:59 +01:00
rmartinc
9995a3cdd4
lastSync value into COMPONENT_CONFIG is always updated
...
Closes https://github.com/keycloak/keycloak/issues/17022
2023-02-16 17:48:49 +01:00
mposolda
4f068fcdcc
Make https-trust-store-type set to bcfks by default in strict-mode
...
Closes #17119
2023-02-16 08:00:21 -03:00
sui.jieqiang
1f6fa0501c
Fix search user groups without limit
...
Closes #12649
2023-02-15 15:50:46 +01:00
rmartinc
fbc9177f27
Doublecheck if we need to override properties in java.security
...
Closes https://github.com/keycloak/keycloak/issues/16702
2023-02-15 12:33:48 +01:00
vramik
7b604d6784
Sync properties in map-storage-jpa-cocroach
with other profiles
...
Closes #17107
2023-02-15 10:49:22 +01:00
Michal Hajas
1f929c78af
Make lockTimeout more friendly for JPA map storage
...
Closes #16616
2023-02-15 10:38:18 +01:00
Hynek Mlnarik
bb0eb899a7
Add ability to run arq testsuite with file store
...
Fixes : #17032
2023-02-15 10:17:23 +01:00
Hynek Mlnarik
2665fb01a6
File storage: Fix path traversal
...
Fixes : #17029
2023-02-14 14:30:14 +01:00