Commit graph

23347 commits

Author SHA1 Message Date
dependabot[bot]
67e63cd535
Bump cypress from 13.3.3 to 13.4.0 in /js (#24397)
Bumps [cypress](https://github.com/cypress-io/cypress) from 13.3.3 to 13.4.0.
- [Release notes](https://github.com/cypress-io/cypress/releases)
- [Changelog](https://github.com/cypress-io/cypress/blob/develop/CHANGELOG.md)
- [Commits](https://github.com/cypress-io/cypress/compare/v13.3.3...v13.4.0)

---
updated-dependencies:
- dependency-name: cypress
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-10-31 13:29:59 +00:00
dependabot[bot]
5975da396f
Bump @typescript-eslint/parser from 6.9.0 to 6.9.1 in /js (#24400)
Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) from 6.9.0 to 6.9.1.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v6.9.1/packages/parser)

---
updated-dependencies:
- dependency-name: "@typescript-eslint/parser"
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-10-31 13:54:59 +01:00
rmartinc
1b630326b2 Fixes in LDAP tests when using AD
Closing https://github.com/keycloak/keycloak/issues/24357
2023-10-31 13:34:37 +01:00
Oliver
8ff76694a2
Always render multi valued inputs for multi valued input types. (#24359)
Closes #24311
Closes #24318

Co-authored-by: Jon Koops <jonkoops@gmail.com>
2023-10-31 12:12:07 +01:00
dependabot[bot]
bf9639d847 Bump aquasecurity/trivy-action from 0.12.0 to 0.13.1
Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) from 0.12.0 to 0.13.1.
- [Release notes](https://github.com/aquasecurity/trivy-action/releases)
- [Commits](fbd16365eb...f78e9ecf42)

---
updated-dependencies:
- dependency-name: aquasecurity/trivy-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-10-31 07:58:11 -03:00
dependabot[bot]
103f18b661
Bump @vitejs/plugin-react-swc from 3.4.0 to 3.4.1 in /js (#24399)
Bumps [@vitejs/plugin-react-swc](https://github.com/vitejs/vite-plugin-react-swc) from 3.4.0 to 3.4.1.
- [Release notes](https://github.com/vitejs/vite-plugin-react-swc/releases)
- [Changelog](https://github.com/vitejs/vite-plugin-react-swc/blob/main/CHANGELOG.md)
- [Commits](https://github.com/vitejs/vite-plugin-react-swc/compare/v3.4.0...v3.4.1)

---
updated-dependencies:
- dependency-name: "@vitejs/plugin-react-swc"
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-10-31 10:51:42 +01:00
dependabot[bot]
69d7478a06
Bump @typescript-eslint/eslint-plugin from 6.9.0 to 6.9.1 in /js (#24398)
Bumps [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) from 6.9.0 to 6.9.1.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases)
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md)
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v6.9.1/packages/eslint-plugin)

---
updated-dependencies:
- dependency-name: "@typescript-eslint/eslint-plugin"
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-10-31 10:51:15 +01:00
Bruno Oliveira da Silva
599cc41715 CVE-2023-44483 - Insertion of Sensitive Information into Log File vulnerability in org.apache.santuario:xmlsec
Closes #24224
2023-10-31 10:51:03 +01:00
dependabot[bot]
4859a2b032
Bump vite-plugin-dts from 3.6.2 to 3.6.3 in /js (#24396)
Bumps [vite-plugin-dts](https://github.com/qmhc/vite-plugin-dts) from 3.6.2 to 3.6.3.
- [Release notes](https://github.com/qmhc/vite-plugin-dts/releases)
- [Changelog](https://github.com/qmhc/vite-plugin-dts/blob/main/CHANGELOG.md)
- [Commits](https://github.com/qmhc/vite-plugin-dts/compare/v3.6.2...v3.6.3)

---
updated-dependencies:
- dependency-name: vite-plugin-dts
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-10-31 10:50:13 +01:00
rmartinc
7deb4ca545 Group count and PartialExport permission fixes
Closes https://github.com/keycloak/keycloak/issues/12171
2023-10-31 01:40:21 -07:00
Aboullos
c23e1e0e2b
Fix springboot tests (#24254)
Co-authored-by: Michal Hajas <mhajas@redhat.com>
2023-10-31 09:06:09 +01:00
Stian Thorgersen
1558b51284
Add DCO to CONTRIBUTING.md (#24384) 2023-10-31 08:44:43 +01:00
Cihad GÜNDOĞDU
335916518c
Added Turkish support to Account ui (#24173)
Co-authored-by: TurboHesap <turbohesap@gmail.com>
2023-10-30 22:22:41 +00:00
Bruno Oliveira da Silva
8df561c675 CVE-2023-4586 - Hot Rod client does not enable hostname validation when using TLS that lead to a MITM attack
A vulnerability was found in the Hot Rod client. This security issue
occurs as the Hot Rod client does not enable hostname validation when
using TLS, possibly resulting in a man-in-the-middle (MITM) attack.

Closes #24328

Signed-off-by: Bruno Oliveira da Silva <bruno@abstractj.com>
2023-10-30 15:57:53 +01:00
rmartinc
6484a3e705 Add userProfileEnabled attribute to realm response if admin can view users
closes https://github.com/keycloak/keycloak/issues/19093
2023-10-30 07:39:03 -07:00
Jon Koops
1145568324
Add some type-safety enhancements to AttributesTab (#24142) 2023-10-30 14:57:07 +01:00
ashwingroot
dee1cec290 fix to preload offline sessions faster
slow loading offline tokens during start up leads to connection timeout
closes #24295
2023-10-30 12:58:06 +01:00
Jon Koops
5464205ab2
Cache Node.js installation and PNPM store
Closes #23695
2023-10-30 07:50:06 -04:00
Martin Kanis
06067d473c Map Store Removal: Remove Map Store tests from GHA
Closes #24089

Signed-off-by: Martin Kanis <mkanis@redhat.com>
2023-10-30 12:39:43 +01:00
dependabot[bot]
0dd1ea09c7
Bump rollup from 4.1.4 to 4.1.5 in /js (#24374)
Bumps [rollup](https://github.com/rollup/rollup) from 4.1.4 to 4.1.5.
- [Release notes](https://github.com/rollup/rollup/releases)
- [Changelog](https://github.com/rollup/rollup/blob/master/CHANGELOG.md)
- [Commits](https://github.com/rollup/rollup/compare/v4.1.4...v4.1.5)

---
updated-dependencies:
- dependency-name: rollup
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-10-30 12:16:48 +01:00
dependabot[bot]
d5183f3c86
Bump i18next-http-backend from 2.3.0 to 2.3.1 in /js (#24375)
Bumps [i18next-http-backend](https://github.com/i18next/i18next-http-backend) from 2.3.0 to 2.3.1.
- [Changelog](https://github.com/i18next/i18next-http-backend/blob/master/CHANGELOG.md)
- [Commits](https://github.com/i18next/i18next-http-backend/compare/v2.3.0...v2.3.1)

---
updated-dependencies:
- dependency-name: i18next-http-backend
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-10-30 12:16:20 +01:00
Axel Bocciarelli
427f7230f3
Fix typo in available-endpoints.adoc (#24378) 2023-10-30 09:53:33 +00:00
Jon Koops
357f3b2978
Use default namespace for i18next (#24322) 2023-10-27 16:25:59 +00:00
rmartinc
ea398c21da Add a property to the User Profile Email Validator for max length of the local part
Closes https://github.com/keycloak/keycloak/issues/24273
2023-10-27 15:09:42 +02:00
dependabot[bot]
80c71b1951
Bump jwt-decode from 3.1.2 to 4.0.0 in /js (#24349)
* Bump jwt-decode from 3.1.2 to 4.0.0 in /js

Bumps [jwt-decode](https://github.com/auth0/jwt-decode) from 3.1.2 to 4.0.0.
- [Release notes](https://github.com/auth0/jwt-decode/releases)
- [Changelog](https://github.com/auth0/jwt-decode/blob/main/CHANGELOG.md)
- [Commits](https://github.com/auth0/jwt-decode/compare/v3.1.2...v4.0.0)

---
updated-dependencies:
- dependency-name: jwt-decode
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jon Koops <jonkoops@gmail.com>
2023-10-27 14:20:43 +02:00
dependabot[bot]
aee13a1f71
Bump vite-plugin-dts from 3.6.1 to 3.6.2 in /js (#24350)
Bumps [vite-plugin-dts](https://github.com/qmhc/vite-plugin-dts) from 3.6.1 to 3.6.2.
- [Release notes](https://github.com/qmhc/vite-plugin-dts/releases)
- [Changelog](https://github.com/qmhc/vite-plugin-dts/blob/main/CHANGELOG.md)
- [Commits](https://github.com/qmhc/vite-plugin-dts/compare/v3.6.1...v3.6.2)

---
updated-dependencies:
- dependency-name: vite-plugin-dts
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-10-27 12:03:36 +00:00
Erik Jan de Wit
487ecd7380
add missing translations (#24347) 2023-10-27 13:32:16 +02:00
dependabot[bot]
384adb9096
Bump @types/node from 20.8.8 to 20.8.9 in /js (#24308)
Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 20.8.8 to 20.8.9.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

---
updated-dependencies:
- dependency-name: "@types/node"
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-10-27 11:32:32 +02:00
dependabot[bot]
ebee60867e
Bump i18next-http-backend from 2.2.2 to 2.3.0 in /js (#24309)
Bumps [i18next-http-backend](https://github.com/i18next/i18next-http-backend) from 2.2.2 to 2.3.0.
- [Changelog](https://github.com/i18next/i18next-http-backend/blob/master/CHANGELOG.md)
- [Commits](https://github.com/i18next/i18next-http-backend/compare/v2.2.2...v2.3.0)

---
updated-dependencies:
- dependency-name: i18next-http-backend
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-10-27 11:25:35 +02:00
dependabot[bot]
81c3065bf3
Bump @types/react from 18.2.31 to 18.2.33 in /js (#24336)
Bumps [@types/react](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/react) from 18.2.31 to 18.2.33.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/react)

---
updated-dependencies:
- dependency-name: "@types/react"
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-10-27 11:25:15 +02:00
Hynek Mlnařík
3f55cd72d7 Docs: Fix account name
Closes: #24341
2023-10-27 09:32:27 +02:00
Bruno Oliveira da Silva
20354f3e0c Update Snyk configuration file to prevent ignoring CVEs
Signed-off-by: Bruno Oliveira da Silva <bruno@abstractj.com>

Closes #24331
2023-10-26 16:05:36 -03:00
Alice
69497382d8
Group scalability upgrades (#22700)
closes #22372 


Co-authored-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>
Co-authored-by: Michal Hajas <mhajas@redhat.com>
2023-10-26 16:50:45 +02:00
agagancarczyk
54a081832a
Additional tests for User Profile, Attributes & Realm-Settings/Login configs (#24243)
* added some user profile tests

* added some user profile tests

* added more tests for user profile and attributes

* improved tests for user profile

* removed videos

* refactor and improvement

* improved tests

---------

Co-authored-by: Agnieszka Gancarczyk <agancarc@redhat.com>
2023-10-26 14:22:43 +01:00
Hynek Mlnarik
2c4d58f5af Fix KcOidcBrokerTransientSessionsTest
Closes: #24313
2023-10-26 14:36:01 +02:00
agagancarczyk
8cd40bd911
Account user roles tests (#23663)
* added check for deleting account

* added test for checking if linked accounts exist

* clean up

* fix

* improving test

* improving test

* improved selector

* trying to improve test

* improving test

* trying to improve test

* trying to improve test

* refactoring test

* refactoring test

* refactoring test

* improving test

* added mocked identityProvider

* changed to use `user-profile

---------

Co-authored-by: Agnieszka Gancarczyk <agancarc@redhat.com>
Co-authored-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
2023-10-26 13:16:09 +02:00
Jon Koops
ae48d0c447
Enable github reporter for Playwright (#24290) 2023-10-25 15:24:26 +00:00
rmartinc
faf398e3c3 Add openapi annotations to the UserProfileResource
Closes https://github.com/keycloak/keycloak/issues/9318
2023-10-25 07:44:24 -07:00
Thomas Darimont
d56baa80b3
Add support for passing acr_values in auth requests in keycloak.js (#9383) (#24259)
Fixes #9383
2023-10-25 15:33:39 +02:00
Hynek Mlnarik
c036980c37 Add TRANSIENT_USERS feature flag 2023-10-25 12:02:35 +02:00
Hynek Mlnarik
d59ceb17e9 Add tests for offline access, introspection and userinfo endpoint 2023-10-25 12:02:35 +02:00
Hynek Mlnarik
d70735f64d Tests
Part-of: Add support for not importing brokered user into Keycloak database

Closes: #11334
2023-10-25 12:02:35 +02:00
Hynek Mlnarik
a668c2cb2b Support for transient brokering in admin console
Part-of: Add support for not importing brokered user into Keycloak database

Closes: #11334
2023-10-25 12:02:35 +02:00
Hynek Mlnarik
26328a7c1e Support for transient sessions via lightweight users
Part-of: Add support for not importing brokered user into Keycloak database

Closes: #11334
2023-10-25 12:02:35 +02:00
Hynek Mlnarik
1ec2a97f92 Create serializable lightweight user adapter
Part-of: Add support for not importing brokered user into Keycloak database

Closes: #11334
2023-10-25 12:02:35 +02:00
Hynek Mlnarik
35a226f928 Expose InMemoryUserAdapter to services and model modules
Part-of: Add support for not importing brokered user into Keycloak database

Closes: #11334
2023-10-25 12:02:35 +02:00
dependabot[bot]
a2963f7cde
Bump @types/node from 20.8.7 to 20.8.8 in /js (#24268)
Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 20.8.7 to 20.8.8.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

---
updated-dependencies:
- dependency-name: "@types/node"
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-10-25 09:13:15 +00:00
dependabot[bot]
f1d48f0d95
Bump cypress from 13.3.2 to 13.3.3 in /js (#24267)
Bumps [cypress](https://github.com/cypress-io/cypress) from 13.3.2 to 13.3.3.
- [Release notes](https://github.com/cypress-io/cypress/releases)
- [Changelog](https://github.com/cypress-io/cypress/blob/develop/CHANGELOG.md)
- [Commits](https://github.com/cypress-io/cypress/compare/v13.3.2...v13.3.3)

---
updated-dependencies:
- dependency-name: cypress
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-10-25 10:46:20 +02:00
dependabot[bot]
033f531136
Bump vite-plugin-dts from 3.6.0 to 3.6.1 in /js (#24269)
Bumps [vite-plugin-dts](https://github.com/qmhc/vite-plugin-dts) from 3.6.0 to 3.6.1.
- [Release notes](https://github.com/qmhc/vite-plugin-dts/releases)
- [Changelog](https://github.com/qmhc/vite-plugin-dts/blob/main/CHANGELOG.md)
- [Commits](https://github.com/qmhc/vite-plugin-dts/compare/v3.6.0...v3.6.1)

---
updated-dependencies:
- dependency-name: vite-plugin-dts
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-10-25 10:46:00 +02:00
ggraziano
84112f57b5 Verification of iss at refresh token request
Added iss checking using the existing TokenVerifier.RealmUrlCheck in the verifyRefreshToken method.

Closes #22191
2023-10-24 23:42:11 +02:00