A new version which contains a couple of
bug fixes plus CVE updates for its dependencies:
Breaking changes
- Add EdDSA support #662
- Correct AuthenticationAlgorithm(0x0011) value #657
Dependency Upgrades
- Bump spring-boot-dependencies from 2.6.7 to 2.7.0 #661
- Bump jacksonVersion from 2.13.2 to 2.13.3 #660
- Bump kerby-asn1 from 2.0.1 to 2.0.2 #659
Bump checker-qual from 3.21.4 to 3.22.0 #654Resolves#12311
postgres update to 42.3.3. Did a hands-on startup performance test between 2.7.1 and 2.7.2, no change (between 3.2xx and 3.4xx seconds for start-dev with initialized db, mostly in the 3.3xx or lower 3.4xx timeframe). Also did a few smoketests
Closes#10437Closes#10282
* Upgrade to Liquibase 4.6.2
* Add valid checksums to changesets to allow migration to newest liquibase
* Update liquibase licenses
Co-authored-by: Martin Kanis <mkanis@redhat.com>
* WF 25.0.1 upgrade light
* Re-enable adapters with old WF versions
* Put server-overlay and server-legacy-dist back to reduce size of PR changes
* Remove some more changes that are not needed
* Fix issues adding to provider properties
* Fix user-profile updates for tests
* tls fixes
* Set WF to 23 for adapter tests
Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>
* KEYCLOAK-18512: Integrate New Admin Console into Keycloak build
* KEYCLOAK-18512: Integrate New Admin Console into Keycloak build
* Change version to project version. Make experimental.
* Add PAT for reading packages (#12)
* Add PAT for reading packages
* Encode token
* Use generic GH account for installation of packages
* Enable Github packages repo only for snapshots
* KEYCLOAK-18512: Make ADMIN2 experimental instead of preview
* KEYCLOAK-18512: Remove early return
* KEYCLOAK-18512: Fix formatting issue
Co-authored-by: Jon Koops <jonkoops@gmail.com>
error for:
* org.keycloak.testsuite.crossdc.LastSessionRefreshCrossDCTest and
* org.keycloak.testsuite.crossdc.SessionExpirationCrossDCTest
tests, when running cross-DC tests with JDK 11
Signed-off-by: Jan Lieskovsky <jlieskov@redhat.com>
[KEYCLOAK-17227] Return the versions of Wildfly deprecated module in the Arquillian
testsuite to those defined by Wildfly 21
Signed-off-by: Jan Lieskovsky <jlieskov@redhat.com>
Base fixes:
* [KEYCLOAK-17228] Upgrade Keycloak to Wildfly 23.0.0.Final / Wildfly Core 15.0.0.Final
Other (related) fixes:
* [KEYCLOAK-17477] Update org.wildfly.common to 1.5.4.Final
* [KEYCLOAK-17478] Update wildfly-galleon-maven-plugin to 5.1.0.Final
* [KEYCLOAK-17479] Keycloak Galleon Feature Pack: Adapter fails to build on top of Wildfly 23
* [KEYCLOAK-17482] Sync Wildfly 23 model changes to Keycloak
* [KEYCLOAK-17508] Apply workaround for WFCORE-5335
* [KEYCLOAK-17231] Update org.keycloak.testsuite.metrics.MetricsRestServiceTest
to work with org.wildfly.extension.health
* [KEYCLOAK-17585] Fix Quarkus startup failure post applying Wildfly 23 upgrade changes
* [KEYCLOAK-17583] Fix ConfigMigrationTest post applying Wildfly 23 model changes
* [KEYCLOAK-17584] Fix ActionTokenCrossDCTest#sendResetPasswordEmailSuccessWorksInCrossDc
test failure post applying Wildfly 23 upgrade changes
Signed-off-by: Jan Lieskovsky <jlieskov@redhat.com>
Base fixes:
* [KEYCLOAK-16724] Upgrade Keycloak to Wildfly 22.0.0.Beta1 / Wildfly Core 14.0.0.Beta4
* [KEYCLOAK-16822] Upgrade Keycloak to Wildfly 22.0.0.Final / Wildfly Core 14.0.0.Final
* [KEYCLOAK-17158] Upgrade Keycloak to Wildfly 22.0.1.Final / Wildfly Core 14.0.1.Final
Other (related) fixes:
* [KEYCLOAK-16174] Upgrade (RH-SSO adapters) to EAP CD 21
* [KEYCLOAK-16202] Don't upgrade versions of httpclient and httpcore in the Fuse adapter
as part of the Wildfly upgrade script run
* [KEYCLOAK-16737] Keycloak core depends on org.bouncycastle:bcprov-jdk15on:1.65, which
suffers from CVE-2020-28052
* [KEYCLOAK-16907] ConfigMigrationTest fails after upgrade to Wildfly 22.0.0.Final
* [KEYCLOAK-17156] org.keycloak.test.config.migration.ConfigMigrationTest fails with
'illegal reflective access to method com.sun.net.ssl.internal.ssl.Provider.isFIPS()'
Signed-off-by: Jan Lieskovsky <jlieskov@redhat.com>
Base fixes:
* [KEYCLOAK-15780] Upgrade Keycloak to Wildfly 21.0.0.Beta1 / Wildfly Core 13.0.0.Beta6
* [KEYCLOAK-16031] Upgrade Keycloak to Wildfly 21.0.0.Final / Wildfly Core 13.0.1.Final
* [KEYCLOAK-16442] Upgrade Keycloak to Wildfly 21.0.1.Final / Wildfly Core 13.0.3.Final
Other (dependent) fixes:
* [KEYCLOAK-15408] Deprecate former Wildfly and Wildfly Core versions in Arquillian's
testsuite pom.xml file as part of the upgrade script
* [KEYCLOAK-15442] Update the version of 'jboss-parent' as part of the Wildfly upgrade
script if necessary
* [KEYCLOAK-15474] Add --verbose and --force options to the Wildfly upgrade automated script
* [KEYCLOAK-15649] Update "urn:jboss:domain:infinispan:10.0" version as part of the Wildfly
upgrade automated script
* [KEYCLOAK-15652] Wildfly upgrade automated script - Align Python artifact version
comparsion algorithm with the Maven / Java one
Signed-off-by: Jan Lieskovsky <jlieskov@redhat.com>
Adapted Jetty94SessionManager to workaround Jetty 9.4 API changes.
The Method org.eclipse.jetty.server.session.SessionHandler#getHttpSession
was changed from public to protected which makes it no longer accessible.
As a workaround the method contents were inlined.
- removing hardcoded `jackson.version` from performance testsuite pom
- moving `jackson.annotations.version` from performance testsuite pom to the root pom
`npm install` is changed to run at build time, removing the need for commiting
the js modules, which are getting a bit silly in size with the introduction of
account2. Appropriate changes to prod-arguments.json are included that should
enable the product build to function properly. The community and developer
builds will continue to work without the proxying PNC provides.
This also changes the themes pom to work with more than one `package.json`
file. The only other one at the moment is for the new account console /
account2.
The documentation file has been updated.
Since we're building directly out of the source directories, it is possible in
a local dev environment for unintended files (e.g. old compiled .js files),
placed within src/main/resources/, to be included in the themes jar. This
shouldn't be a problem for actual builds though, which use a fresh clone.
Other small changes include refactoring the npm setup stuff to a global
definition, and the introduction of some properties to avoid duplicating path
definitions everywhere.
This commit does not include the churn that would result from deleting the
existing commited modules.