libre.sh/keycloak-scim
2
0
Fork 0
Code Issues 14 Pull requests Releases Packages Activity Actions 6
25416 commits 4 branches 5 tags 480 MiB
Commit graph

25416 commits

This branch
This branch
All branches
Author SHA1 Message Date
Thomas Darimont
f34bb21af6
Fix deprecations in common module 
- Use charset in `Encode` class
- Replace reflective call to protected `Liquibase#resetServices()` with call to exposed public method on a custom subclass `KeycloakLiquibase`
- Remove usage of deprecated AccessController class in Reflections
- Deprecated SetAccessibleProvilegedAction and UnsetAccessibleProvilegedAction

Fixes #22209

Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
 2024-07-02 16:02:35 +00:00
Erik Jan de Wit
a8aa410ad3
also translate the message (#30654) 
fixes: #29098

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
 2024-07-02 15:31:38 +02:00
Erik Jan de Wit
e3649eb86a
changed to use adminUrl instead (#30441) 
* changed to use adminUrl instead

fixes: #19070
Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

* changed to make use of "frondend url" and "adminUrl"

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>

---------

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
 2024-07-02 13:42:07 +02:00
Rishabh Singh
3a156b1a8b This fix allows the LDAP connection pool parameters - maxsize, prefsize, initsize - to be configured using JVM arguments. 
Removed the check on connectionPoolingMaxSize, connectionPoolingInitSize and connectionPoolingPrefSize

Closes #30677

Signed-off-by: Rishabh Singh <rishabhsvats@gmail.com>

This fix allows all the LDAP connection pool parameters to be configured using JVM arguments.

Removed all the ldap connection pool parameters

Signed-off-by: Rishabh Singh <rishabhsvats@gmail.com>
 2024-07-02 07:47:14 -03:00
Dmitry Telegin
5ff3488c80 Incorrect version comparison in ModelVersion 
Closes #30935

Signed-off-by: Dmitry Telegin <demetrio@carretti.pro>
 2024-07-02 11:52:33 +02:00
mruzicka
53fa901a11
fix: Use correct property for sub-flow name (#30948) 
Signed-off-by: Michal Růžička <michal.ruza@gmail.com>
 2024-07-01 14:47:54 +01:00
agagancarczyk
4924847676
Enhanced associated roles (#30968) 
Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>
Co-authored-by: Agnieszka Gancarczyk <agancarc@redhat.com>
 2024-07-01 14:38:42 +01:00
agagancarczyk
0d6ecab862
fixed rendering of granted client scopes in User Consents (#30864) 
Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>
Co-authored-by: Agnieszka Gancarczyk <agancarc@redhat.com>
 2024-07-01 15:28:35 +02:00
agagancarczyk
3874a141f1
Added some fun-tuning of Permissions table of Authorization (#30894) 
Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>
Co-authored-by: Agnieszka Gancarczyk <agancarc@redhat.com>
 2024-07-01 15:20:31 +02:00
Peter Zaoral
add45a25a8
Add default CPU limit/request for the operator (#30601) 
Closes: #27432

Signed-off-by: Peter Zaoral <pzaoral@redhat.com>
 2024-07-01 15:12:43 +02:00
Stan Silvert
fd8cb95595
Allow FGA with view-clients to see client roles (#30834) 
Signed-off-by: Stan Silvert <ssilvert@redhat.com>
 2024-07-01 08:50:30 -04:00
Erik Jan de Wit
ea0f569bd0
changed X to link to organization (#30648) 
Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
 2024-07-01 13:22:46 +02:00
Erik Jan de Wit
213b4ca6d1
reset form instead of adding to it (#30650) 
fixes: #30550

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
 2024-07-01 10:49:04 +02:00
Erik Jan de Wit
cb048c9700
don't show if there is a displayName set (#30647) 
fixes: #30582

Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com>
 2024-07-01 10:48:10 +02:00
Hynek Mlnarik
287916997e Show admin console header if serverinfo is forbidden 
Fixes: #30683

Signed-off-by: Hynek Mlnarik <hmlnarik@redhat.com>
 2024-06-28 20:22:16 +02:00
Steven Hawkins
d534860e2b
fix: admin cli client should set the content when performing a merge (#30539) 
closes: #29878

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
 2024-06-28 15:56:07 +02:00
Pedro Igor
cc2ccc87b0 Filtering organization groups when managing or processing groups 
Closes #30589

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2024-06-28 10:27:18 -03:00
Christoph Schulz
657aff787f
Add missing comma to (#30914) 
Signed-off-by: Christoph Schulz <mail@ciis0.de>
Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>
 2024-06-28 13:13:13 +00:00
Steven Hawkins
aae1fa1417
fix: addresses cli erroneously wants a secret when env password is set (#30892) 
closes: #30866

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
 2024-06-28 11:48:42 +02:00
Thomas Darimont
690c6051bb Fix scope policy evaluation for client to client token exchange (#26435) 
Previously the scope from the token was not set available in the ClientModelIdentity attributes.
This caused the NPE in `org.keycloak.authorization.policy.provider.clientscope.ClientScopePolicyProvider.hasClientScope`(..)
when calling `identity.getAttributes().getValue("scope")`.

We now pass the provided decoded AccessToken down to the ClientModelIdentity creation
to allow to populate the required scope attribute.

We also ensure backwards compatibility for ClientPermissionManagement API.

Fixes #26435

Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>
 2024-06-28 10:33:20 +02:00
Pedro Ruivo
829e12b857 Incorrect order when instantiate ClientRemovedEvent 
* Fix incorrect order in ClientRemovedEvent constructor
* Do not send an event if the events list is empty

Closes #30840

Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
 2024-06-28 09:51:02 +02:00
Václav Muzikář
bce7a29035
Document how Admin REST API endpoints work with Hostname config 
Closes #30537

Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>
Co-authored-by: Martin Bartoš <mabartos@redhat.com>
 2024-06-28 09:31:41 +02:00
dependabot[bot]
da7de7abd1 Bump vite from 5.3.1 to 5.3.2 
Bumps [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) from 5.3.1 to 5.3.2.
- [Release notes](https://github.com/vitejs/vite/releases)
- [Changelog](https://github.com/vitejs/vite/blob/main/packages/vite/CHANGELOG.md)
- [Commits](https://github.com/vitejs/vite/commits/v5.3.2/packages/vite)

---
updated-dependencies:
- dependency-name: vite
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-06-28 08:40:17 +02:00
mposolda
f1b8a983d2 Cleanup mod_auth_mellon from the testsuite 
closes #30869

Signed-off-by: mposolda <mposolda@gmail.com>
 2024-06-28 08:33:36 +02:00
Stan Silvert
a1445cd93f
Minor doc fix. (#30899) 
Signed-off-by: Stan Silvert <ssilvert@redhat.com>
 2024-06-27 16:18:32 -04:00
Douglas Palmer
7a8c7502d2 Cleanup of adapter-spi module? 
Closes#30871

Signed-off-by: Douglas Palmer <dpalmer@redhat.com>
 2024-06-27 19:41:30 +02:00
Pascal Knüppel
c4ebd0cd0c
Add event for ClientScope created (#30715) 
closes #30795 

Signed-off-by: Pascal Knüppel <pascal.knueppel@governikus.de>
 2024-06-27 19:05:29 +02:00
Douglas Palmer
220f32aa85 Cleanup of adapter pages 
Closes #30870

Signed-off-by: Douglas Palmer <dpalmer@redhat.com>
 2024-06-27 18:57:22 +02:00
Douglas Palmer
601355d517 Flaky test: org.keycloak.testsuite.oauth.TokenIntrospectionTest#testUnsupportedToken 
Closes #30111

Signed-off-by: Douglas Palmer <dpalmer@redhat.com>
 2024-06-27 18:41:48 +02:00
andymunro
30264c7dd4
Remove inclusive language foreword 
Closes #30856

Signed-off-by: AndyMunro <amunro@redhat.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
 2024-06-27 15:22:03 +02:00
mposolda
7279f2092e Cleanup of test-apps and related adapter code 
closes #30867

Signed-off-by: mposolda <mposolda@gmail.com>
 2024-06-27 15:10:31 +02:00
Marek Posolda
644bdad2f1 Update integration/admin-client-jee/pom.xml 
Co-authored-by: Jon Koops <jonkoops@gmail.com>
 2024-06-27 11:00:30 +02:00
mposolda
3c3f59f861 Move some server related logic from info representation classes to server codebase 
Signed-off-by: mposolda <mposolda@gmail.com>
 2024-06-27 11:00:30 +02:00
mposolda
e5a4c94f75 Added suffix to keycloak-admin-client artifacts in keycloak repository 
Signed-off-by: mposolda <mposolda@gmail.com>
 2024-06-27 11:00:30 +02:00
MWarnecke
c5fc9f2962
Use provided scope for maven-plugin dependencies 
* use provided scope for maven dependencies

As the maven-plugin-plugin suggests, dependencies to the maven runtime
should be in provided scope.

This gets rid of the according warning which was written during build.

Before Maven 3.9, plexus-utils was injected in the classpath at runtime.
As of Maven 3.9 this is not the case anymore which broke the plugin due
to a usage of said dependency. The only usage is replaced by a visitor
to copy files.

Closes #30542

Signed-off-by: Michael Warnecke <WarneckeMichael@web.de>

* Guides need to see maven's Log class

Signed-off-by: Michael Warnecke <WarneckeMichael@web.de>

---------

Signed-off-by: Michael Warnecke <WarneckeMichael@web.de>
 2024-06-27 09:50:19 +02:00
dependabot[bot]
fa47d1a416 Bump mocha from 10.5.1 to 10.5.2 
Bumps [mocha](https://github.com/mochajs/mocha) from 10.5.1 to 10.5.2.
- [Release notes](https://github.com/mochajs/mocha/releases)
- [Changelog](https://github.com/mochajs/mocha/blob/main/CHANGELOG.md)
- [Commits](https://github.com/mochajs/mocha/compare/v10.5.1...v10.5.2)

---
updated-dependencies:
- dependency-name: mocha
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-06-27 08:32:58 +02:00
Moises Rodriguez
d924db0b0b
Add REST API error message to NetworkError (#30720) 
Closes #30829

Signed-off-by: moises <moises@signot.com>
 2024-06-26 21:49:01 +00:00
Lukas Hanusovsky
2915a03c6b
Removing chrome-install dependency from GH actions, and Chrome and Firefox webdriver system property from CI workflow 
Closes #30408

Signed-off-by: Lukas Hanusovsky <lhanusov@redhat.com>
 2024-06-26 18:08:07 +00:00
Hynek Mlnarik
f65af84191 Conditionally show Client Offline Session Max 
Fixes: #30521

Signed-off-by: Hynek Mlnarik <hmlnarik@redhat.com>
 2024-06-26 19:06:27 +02:00
Martin Bartoš
0a888512a8
New operator failing on health checks (#30709) 
Closes #30355

Signed-off-by: Martin Bartoš <mabartos@redhat.com>
Co-authored-by: Václav Muzikář <vaclav@muzikari.cz>
 2024-06-26 15:46:48 +00:00
Jon Koops
cd0dbdf264
Use the Keycloak server URL for common resources (#30823) 
Closes #30541

Signed-off-by: Jon Koops <jonkoops@gmail.com>
 2024-06-26 14:52:25 +00:00
jade
261bc41af2
messages: Correct {Client,Realm} Role prefix description to make sense (#30277) 
It's unclear from the previous description that this field is used to
prepend things to the names in the token.

Signed-off-by: Jade Lovelace <software@lfcode.ca>
Co-authored-by: agagancarczyk <4890675+agagancarczyk@users.noreply.github.com>
 2024-06-26 14:24:58 +01:00
rmartinc
c20dbc5c32 Add availability for features and make kerberos use it 
Closes #30730

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2024-06-26 14:33:38 +02:00
agagancarczyk
ca26524259
Restored multivalued switch on create attribute (#30811) 
* restored multivalued switch

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>

* small cleanup

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>

---------

Signed-off-by: Agnieszka Gancarczyk <agancarc@redhat.com>
Co-authored-by: Agnieszka Gancarczyk <agancarc@redhat.com>
 2024-06-26 14:30:11 +02:00
etiksouma
d34e468a57
Rename label on realm details page (#28106) 
Closes #28106

Signed-off-by: etiksouma <al@mouskite.com>
 2024-06-26 12:31:42 +02:00
Martin Bartoš
30fdba00b5
Describe mTLS overrides for the management interface (#30735) 
Closes #30094

Signed-off-by: Martin Bartoš <mabartos@redhat.com>
 2024-06-26 12:02:36 +02:00
Alexander Schwartz
1edf444bc8
Re-augment at start after a previous dev mode (#30461) 
Closes #30460

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2024-06-26 09:00:54 +00:00
dependabot[bot]
1dcd07aa13 Bump @types/node from 20.14.8 to 20.14.9 
Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 20.14.8 to 20.14.9.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

---
updated-dependencies:
- dependency-name: "@types/node"
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-06-26 09:26:33 +02:00
dependabot[bot]
1f5c9d56ca Bump mocha from 10.5.0 to 10.5.1 
Bumps [mocha](https://github.com/mochajs/mocha) from 10.5.0 to 10.5.1.
- [Release notes](https://github.com/mochajs/mocha/releases)
- [Changelog](https://github.com/mochajs/mocha/blob/main/CHANGELOG.md)
- [Commits](https://github.com/mochajs/mocha/compare/v10.5.0...v10.5.1)

---
updated-dependencies:
- dependency-name: mocha
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-06-26 09:26:21 +02:00
Romain LABAT
6615691c63
Support for service accounts when fetch roles is enabled (#30687) 
Support for service accounts when fetch roles is enabled

Signed-off-by: Romain LABAT <contact@romainlabat.fr>
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>
 2024-06-25 18:00:26 -03:00