keycloak-scim

Author	SHA1	Message	Date
rmartinc	347f595913	Add ECDH-ES encyption algorithms to the java keystore key provider Closes #32023 Signed-off-by: rmartinc <rmartinc@redhat.com>	2024-08-09 15:57:51 +02:00
Martin Kanis	da0864682a	Conditionally redirect existing users to a broker based on their credentials Closes #31006 Signed-off-by: Martin Kanis <mkanis@redhat.com>	2024-08-09 07:59:25 -03:00
rmartinc	2a06e1a6db	Add SHAKE256 hash provider for Ed448 Closes #31931 Signed-off-by: rmartinc <rmartinc@redhat.com>	2024-08-08 17:36:54 +02:00
Justin Tay	966a454548	Add ECDH-ES JWE Algorithm Provider, Add generated ECDH key provider (#23928 ) Closes #23596 Closes #23597 Signed-off-by: Justin Tay <49700559+justin-tay@users.noreply.github.com>	2024-08-08 17:29:35 +02:00
Steven Hawkins	7ce6f12fe3	fix: adds a check for duplicate users/clients to simplify cmd errors (#31583 ) also changes temp-admin-service to temp-admin closes: #31160 Signed-off-by: Steve Hawkins <shawkins@redhat.com>	2024-08-08 08:20:33 -04:00
Pedro Igor	3ab2446074	Do not return identity providers when querying the realm representation Closes #21072 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-08-07 10:06:51 -03:00
rmartinc	acbbfde4ab	Adding upgrading notes for brute force changes Closes #31960 Signed-off-by: rmartinc <rmartinc@redhat.com>	2024-08-07 14:38:30 +02:00
Pascal Knüppel	f3341390f4	Issuer id must be a URL according to specification (#30961 ) fixes #30960 Signed-off-by: Pascal Knüppel <pascal.knueppel@governikus.de> Signed-off-by: Captain-P-Goldfish <captain.p.goldfish@gmx.de>	2024-08-07 14:35:58 +02:00
Giuseppe Graziano	35c8c09b8d	OIDC dynamic client registration with response_type=none Closes #19564 Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>	2024-08-07 10:34:47 +02:00
rmartinc	8a09905e5c	Remove the attempt in brute force when the off-thread finishes Closes #31881 Signed-off-by: rmartinc <rmartinc@redhat.com>	2024-08-06 15:30:49 -03:00
Michal Hajas	50c07c6e7c	Simplify configuration for MULTI_SITE Closes #31807 Signed-off-by: Michal Hajas <mhajas@redhat.com>	2024-08-06 16:14:33 +00:00
Stefan Wiedemann	6258256c1b	Fix access token issue OID4VC (#31763 ) closes #31712 Signed-off-by: Stefan Wiedemann <wistefan@googlemail.com>	2024-08-04 11:42:40 +02:00
Ingrid Kamga	7c69c857a1	Add a media type to error responses on OID4VC endpoints Closes #31585 Signed-off-by: Ingrid Kamga <Ingrid.Kamga@adorsys.com>	2024-08-02 12:09:09 +02:00
Justin Tay	f537343545	Allow empty key use in JWKS from identity provider Closes #31823 Signed-off-by: Justin Tay <49700559+justin-tay@users.noreply.github.com>	2024-08-02 11:39:43 +02:00
rmartinc	773e309f75	Parse saml urls correctly if the bindings are different Closes #31780 Signed-off-by: rmartinc <rmartinc@redhat.com>	2024-08-02 11:34:06 +02:00
Thomas Darimont	282260dc95	Ensure issued_client_type is always added to successful token-exchange response (#31548 ) - Compute issued_token_type response parameter based on requested_token_type and client configuration - `issued_token_type` is a required response parameter as per [RFC8693 2.2.1](https://datatracker.ietf.org/doc/html/rfc8693#section-2.2.1) - Added test to ClientTokenExchangeTest that requests an access-token as requested-token-type Fixes #31548 Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>	2024-07-30 18:33:51 +02:00
Alexander Schwartz	11b19bc272	For persistent sessions, don't remove user session if there is no session in the remote store (#31756 ) Closes #31115 Signed-off-by: Alexander Schwartz <aschwart@redhat.com>	2024-07-30 17:57:09 +02:00
Pedro Igor	a79761a447	Support for blocking concurrent requests when brute force is enabled Closes #31726 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com> Signed-off-by: Douglas Palmer <dpalmer@redhat.com> Signed-off-by: mposolda <mposolda@gmail.com>	2024-07-30 10:01:48 +02:00
Martin Kanis	d91d6d18d5	Can not update organization group error when trying to create organisation from REST API Closes #31144 Signed-off-by: Martin Kanis <mkanis@redhat.com>	2024-07-29 17:39:56 +02:00
Pascal Knüppel	94784182df	Implement DPoP for all grantTypes (#29967 ) fixes #30179 fixes #30181 Signed-off-by: Pascal Knüppel <captain.p.goldfish@gmx.de> Signed-off-by: Pascal Knüppel <pascal.knueppel@governikus.de>	2024-07-29 16:30:54 +02:00
Stefan Guilhen	f45529de8c	Deprecate IDP related methods in RealmModel - delegate to the new provider Closes #31253 Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>	2024-07-29 16:02:26 +02:00
Stefan Guilhen	c16e88bcee	Make the IDPProvider via session.identityProviders() Closes #31252 Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>	2024-07-29 16:02:26 +02:00
Alexander Schwartz	6d404b86c9	Trigger clearing the user cache when the duplicate email allowed flag changes Closes #31045 Signed-off-by: Alexander Schwartz <aschwart@redhat.com>	2024-07-29 10:37:42 +02:00
Francis Pouatcha	cc78fd7ca0	Provided keycloak with a protocol mapper, that can allow to optionally add iat and nbf claims to VCs (#31620 ) closes #31581 Signed-off-by: Francis Pouatcha <francis.pouatcha@adorsys.com>	2024-07-29 09:32:48 +02:00
Pedro Igor	87c279d645	Respect the username value format when processing federated users Closes #31240 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-07-29 09:28:43 +02:00
Pedro Igor	4d8c525644	Make sure changes to user profile metadata is not stored when calling decorators (#31549 ) Closes #30476 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-07-29 09:03:21 +02:00
Pedro Igor	1f8280c71a	Allow members joining multiple organizations Closes #30747 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-07-29 09:02:36 +02:00
Giuseppe Graziano	12732333c8	Client scope assignment for client registration Closes #31062 Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>	2024-07-26 17:33:49 +02:00
Stian Thorgersen	30cd88fefe	Change default bootstrap admin service account client-id (#31649 ) Closes #31648 Signed-off-by: stianst <stianst@gmail.com>	2024-07-26 10:45:26 +00:00
vramik	649b35929e	Make sure users created through a registration link are managed members Closes #30743 Signed-off-by: vramik <vramik@redhat.com>	2024-07-25 04:30:13 -03:00
Maciej Mierzwa	97e89e2071	feature: password age in days policy Closes #30210 Signed-off-by: Maciej Mierzwa <dev.maciej.mierzwa@gmail.com>	2024-07-24 15:12:16 -03:00
Francis Pouatcha	30be268672	Enhance Verifiable Credential Signing Service Flexibility and Key Rotation(#30692 ) closes #30525 Signed-off-by: Francis Pouatcha <francis.pouatcha@adorsys.com>	2024-07-24 13:45:39 +02:00
rmartinc	5db3772d45	Remove TrustedHostClientRegistrationPolicyTest#testGithubDomain Closes #29271 Signed-off-by: rmartinc <rmartinc@redhat.com>	2024-07-23 11:33:38 +02:00
Diego Ramp	ae74d923d2	fix bad debugv({}) in favor of more tolerant debugf(%s) Closes #31368 Signed-off-by: Diego Ramp <diego.ramp@mobi.ch>	2024-07-18 10:34:32 +02:00
mposolda	3110bb8989	Missing Cache-Control header when response_type parameter is missing in login request closes #29866 Signed-off-by: mposolda <mposolda@gmail.com>	2024-07-18 10:17:52 +02:00
Pascal Knüppel	018a0802bc	Remove java.util.Date from VerifiableCredential (#30920 ) closes #30918 Signed-off-by: Pascal Knüppel <pascal.knueppel@governikus.de> Signed-off-by: Captain-P-Goldfish <captain.p.goldfish@gmx.de>	2024-07-18 09:52:02 +02:00
Captain-P-Goldfish	526286e851	Manipulate OpenID redirect-response with custom implementation Signed-off-by: Captain-P-Goldfish <captain.p.goldfish@gmx.de>	2024-07-17 17:20:18 +02:00
Martin Kanis	e5848bdcf9	Cannot set unmanagedAttributePolicy without profile attributes Closes #31153 Signed-off-by: Martin Kanis <mkanis@redhat.com>	2024-07-17 09:53:59 -03:00
Ricardo Martin	3d12c05005	Correctly moves to the next required action (#31358 ) Closes #31014 Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com> Co-authored-by: Giuseppe Graziano <g.graziano94@gmail.com> Co-authored-by: rmartinc <rmartinc@redhat.com>	2024-07-17 09:38:29 +02:00
Pascal Knüppel	8485bc38ef	Make ProofType a string instead of enum (#31000 ) fixes #30999 Signed-off-by: Pascal Knüppel <pascal.knueppel@governikus.de>	2024-07-16 11:30:38 +02:00
Martin Kanis	887db25f00	Allow auto-redirect existing users federated from organization broker when using the username Closes #30746 Signed-off-by: Martin Kanis <mkanis@redhat.com>	2024-07-15 13:48:45 -03:00
Pedro Igor	c33585a5f4	All pubic brokers are shown during authentication rather than only those associated with the current organization Closes #31246 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-07-12 17:51:39 +02:00
Douglas Palmer	9300903674	page-expired error page shown when using browser back-button on forgot-password page after invalid login attempt Closes #25440 Signed-off-by: Douglas Palmer <dpalmer@redhat.com>	2024-07-12 16:24:21 +02:00
Pascal Knüppel	4028ada2a5	Add required default-context value to VerifiableCredential (#30959 ) closes #30958 Signed-off-by: Pascal Knüppel <pascal.knueppel@governikus.de>	2024-07-11 18:25:11 +02:00
Pascal Knüppel	96234d42cf	Exchange Enum type of Format for String (#30875 ) closes #30873 Signed-off-by: Pascal Knüppel <pascal.knueppel@governikus.de>	2024-07-11 18:18:14 +02:00
Steven Hawkins	4970a9b729	fix: deprecate KEYCLOAK_ADMIN and KEYCLOAK_ADMIN_PASSWORD closes: #30658 Signed-off-by: Steve Hawkins <shawkins@redhat.com> Signed-off-by: Steven Hawkins <shawkins@redhat.com> Co-authored-by: Jon Koops <jonkoops@gmail.com>	2024-07-11 18:07:57 +02:00
Pedro Igor	0410653e71	Do not send attributes when unlocking the user Closes #31165 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-07-11 14:16:23 +02:00
rmartinc	096e335a92	Support for vault and AES and HMAC algorithms to JavaKeystoreKeyProvider Closes #30880 Closes #29755 Signed-off-by: rmartinc <rmartinc@redhat.com>	2024-07-11 12:40:45 +02:00
Pedro Igor	da6c9ab7c1	Bruteforce protector does not work when using organizations Closes #31204 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-07-11 00:26:47 +02:00
Martin Kanis	922eaa9fc8	Disable username prohibited chars validator when email as username is… (#31140 ) * Disable username prohibited chars validator when email as the username is set Closes #25339 Signed-off-by: Martin Kanis <mkanis@redhat.com> Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com> Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-07-10 09:46:24 -03:00
Pedro Igor	d475833361	Do not expose kc.org attribute in user representations Closes #31143 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-07-10 13:43:23 +02:00
rmartinc	f78a46485d	TE should create a transient session when there is no initial session in client-to-client exchange Closes #30614 Signed-off-by: rmartinc <rmartinc@redhat.com>	2024-07-08 15:44:38 -03:00
Lucy Linder	b4f7487dd3	Fix ReCAPTCHA Enterprise failing due to new properties in response The assessment response added a new field called accountDefenderAssessment. This commit adds the new property, and also ensures new properties won't be problematic next time by ignoring unknown properties on the top level object. Closes: #30917 Signed-off-by: Lucy Linder <lucy.derlin@gmail.com>	2024-07-08 16:59:47 +02:00
Thomas Darimont	c460fa7b48	Allow user to configure prompt parameter for google sign-in Closes #16750 Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>	2024-07-04 12:01:32 +02:00
Pedro Igor	f010f7df9b	Reverting removal of test assertions and keeping existing logic where only brokers the user is linked to is shown after identity-first login page Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-07-03 11:55:04 -03:00
Martin Kanis	e1b735fc41	Identity-first login flow should be followed by asking for the user credentials Closes #30339 Signed-off-by: Martin Kanis <mkanis@redhat.com>	2024-07-03 11:55:04 -03:00
Steven Hawkins	96511e55c6	startup, welcome, and cli handling of bootstrap-admin user (#30054 ) * fix: adding password and service account based bootstrap and recovery closes: #29324, #30002, #30003 Signed-off-by: Steve Hawkins <shawkins@redhat.com> * Fix tests Signed-off-by: Václav Muzikář <vmuzikar@redhat.com> --------- Signed-off-by: Steve Hawkins <shawkins@redhat.com> Signed-off-by: Václav Muzikář <vmuzikar@redhat.com> Co-authored-by: Václav Muzikář <vmuzikar@redhat.com>	2024-07-03 15:23:40 +02:00
Giuseppe Graziano	02d64d959c	Using _system client when account client is disabled for email actions Closes #17857 Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>	2024-07-03 08:43:36 +02:00
cgeorgilakis-grnet	20cedb84eb	Check refresh token flow response for offline based on refresh token request parameter Closes #30857 Signed-off-by: cgeorgilakis-grnet <cgeorgilakis@admin.grnet.gr>	2024-07-02 18:13:30 -03:00
Pedro Igor	cc2ccc87b0	Filtering organization groups when managing or processing groups Closes #30589 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-06-28 10:27:18 -03:00
Thomas Darimont	690c6051bb	Fix scope policy evaluation for client to client token exchange (#26435 ) Previously the scope from the token was not set available in the ClientModelIdentity attributes. This caused the NPE in `org.keycloak.authorization.policy.provider.clientscope.ClientScopePolicyProvider.hasClientScope`(..) when calling `identity.getAttributes().getValue("scope")`. We now pass the provided decoded AccessToken down to the ClientModelIdentity creation to allow to populate the required scope attribute. We also ensure backwards compatibility for ClientPermissionManagement API. Fixes #26435 Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>	2024-06-28 10:33:20 +02:00
Douglas Palmer	601355d517	Flaky test: org.keycloak.testsuite.oauth.TokenIntrospectionTest#testUnsupportedToken Closes #30111 Signed-off-by: Douglas Palmer <dpalmer@redhat.com>	2024-06-27 18:41:48 +02:00
mposolda	3c3f59f861	Move some server related logic from info representation classes to server codebase Signed-off-by: mposolda <mposolda@gmail.com>	2024-06-27 11:00:30 +02:00
Jon Koops	cd0dbdf264	Use the Keycloak server URL for common resources (#30823 ) Closes #30541 Signed-off-by: Jon Koops <jonkoops@gmail.com>	2024-06-26 14:52:25 +00:00
Takashi Norimatsu	b0aac487a3	VC issuance in Authz Code flow with considering scope parameter closes #29725 Signed-off-by: Takashi Norimatsu <takashi.norimatsu.ws@hitachi.com>	2024-06-24 10:53:19 +02:00
Jon Koops	df18629ffe	Use a default Java version from root POM (#29927 ) Signed-off-by: Jon Koops <jonkoops@gmail.com>	2024-06-21 14:19:31 +02:00
mposolda	6a9e60bba0	Flow steps back when changing locale or refreshing page on 'Try another way page' closes #30520 Signed-off-by: mposolda <mposolda@gmail.com>	2024-06-21 11:22:15 +02:00
rmartinc	592c2250fc	Add briefRepresentation query parameter to getUsersInRole endpoint Closes #29480 Signed-off-by: rmartinc <rmartinc@redhat.com>	2024-06-21 11:21:02 +02:00
Takashi Norimatsu	6b135ff6e7	client-jwt authentication fails on Token Introspection Endpoint closes #30599 Signed-off-by: Takashi Norimatsu <takashi.norimatsu.ws@hitachi.com>	2024-06-21 10:47:25 +02:00
Pedro Igor	a0ad680346	Adding an alias to organization and exposing them to templates Closes #30312 Closes #30313 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-06-20 14:36:14 -03:00
Jon Koops	77fb3c4dd4	Use correct host URL for Admin Console requests (#30535 ) Closes #30432 Signed-off-by: Jon Koops <jonkoops@gmail.com>	2024-06-19 15:21:53 +02:00
Francis Pouatcha	d4797e04a2	Enhance SupportedCredentialConfiguration to support optional claims object as defined in OpenID for Verifiable Credential Issuance specification (#30420 ) closes #30419 Signed-off-by: Francis Pouatcha <francis.pouatcha@adorsys.com>	2024-06-18 17:07:49 +02:00
rmartinc	38d8cf2cb3	Add UPDATE event to the client-roles condition Closes #30284 Signed-off-by: rmartinc <rmartinc@redhat.com>	2024-06-18 15:30:42 +02:00
Thibault Morin	f6fa869b12	feat(SAML): add Artifact Binding on brokering scenarios when Keycloak is SP (#29619 ) * feat: add Artifact Binding on brokering scenarios when Keycloak is SP Signed-off-by: tmorin <git@morin.io> * Adding broker test and minor improvements Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com> * Fixing IdentityProviderTest Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com> * Renaming methods related to idp initiated flows Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com> * Fixing partial_import_test.spec.ts Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com> --------- Signed-off-by: tmorin <git@morin.io> Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com> Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-06-14 08:54:49 -03:00
vramik	d355e38424	Provide a cache layer for the organization model Closes #30087 Signed-off-by: vramik <vramik@redhat.com>	2024-06-13 08:13:36 -03:00
Jon Koops	c7361ccf6e	Run the Vite dev server through the Keycloak server (#27311 ) Closes #19750 Closes #28643 Closes #30115 Signed-off-by: Jon Koops <jonkoops@gmail.com>	2024-06-12 11:55:14 +02:00
Pedro Igor	e6df8a2866	Allow multiple instances of the same social broker in a realm Closes #30088 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-06-11 12:44:10 -03:00
Fouad Almalki	780ec71672	Add support of RTL UI in login themes (#29907 ) Closes #29974 Signed-off-by: Fouad Almalki <me@fouad.io>	2024-06-11 07:12:13 -04:00
Patrick Jennings	75925dcf6c	Client type configuration inheritance (#30056 ) closes #30213 Signed-off-by: Patrick Jennings <pajennin@redhat.com>	2024-06-10 18:59:08 +02:00
rmartinc	7d05a7a013	Logout from all clients after IdP logout is performed Closes #25234 Signed-off-by: rmartinc <rmartinc@redhat.com>	2024-06-10 11:58:09 -03:00
e.sergeenko	f00c2f3eb0	Add ability to get realm attributes Closes #30241 Signed-off-by: e.sergeenko <sergeenkoegor@yandex.ru>	2024-06-07 13:05:06 +02:00
rmartinc	760e01b9db	Improvements for openapi annotations in AuthenticationManagementResource Closes #29788 Signed-off-by: rmartinc <rmartinc@redhat.com>	2024-06-07 13:04:00 +02:00
Giuseppe Graziano	6067f93984	Improvements to refresh token rotation with multiple tabs (#29966 ) Closes #14122 Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>	2024-06-07 12:02:36 +02:00
vickeybrown	c96c6c4feb	Default SAML client type (#29493 ) closes #29492 Signed-off-by: Vickey Brown <vibrown@redhat.com>	2024-06-07 11:43:43 +02:00
Erik Jan de Wit	5897334ddb	Align environment variables between consoles (#30125 ) * change to make authServerUrl the same as authUrl fixes: #29641 Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com> * Remove `authUrl` entirely Signed-off-by: Jon Koops <jonkoops@gmail.com> * Remove file that is unrelated Signed-off-by: Jon Koops <jonkoops@gmail.com> * Split out and align environment variables between consoles Signed-off-by: Jon Koops <jonkoops@gmail.com> * Restore removed variables to preserve backwards compatibility Signed-off-by: Jon Koops <jonkoops@gmail.com> * Also deprecate the `authUrl` for the Admin Console Signed-off-by: Jon Koops <jonkoops@gmail.com> --------- Signed-off-by: Erik Jan de Wit <erikjan.dewit@gmail.com> Signed-off-by: Jon Koops <jonkoops@gmail.com> Co-authored-by: Jon Koops <jonkoops@gmail.com>	2024-06-06 08:36:46 +02:00
Pedro Igor	94c194f1f4	Prevent users to unlink from their home identity provider when they are a managed member Closes #30092 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com> Co-authored-by: Vlasta Ramik <vramik@users.noreply.github.com>	2024-06-05 13:57:01 +02:00
mposolda	0bf613782f	Updating client policies in JSON editor is buggy. Attempt to update global client policies should throw the error closes #30102 Signed-off-by: mposolda <mposolda@gmail.com>	2024-06-05 13:55:02 +02:00
rmartinc	eedfd0ef51	Missing auth checks in some admin endpoints (#166 ) Closes keycloak/keycloak-private#156 Signed-off-by: rmartinc <rmartinc@redhat.com>	2024-06-05 12:04:47 +02:00
Giuseppe Graziano	d5e82356f9	Encrypted KC_RESTART cookie and removed sensitive notes Closes #keycloak/keycloak-private#162 Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>	2024-06-05 10:33:44 +02:00
Pedro Igor	f8d55ca7cd	Export import realm with organizations Closes #30006 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-06-05 09:50:03 +02:00
Martin Kanis	33331788a4	Introduce count method to avoid fetching all organization upon checking for existence Closes #29697 Signed-off-by: Martin Kanis <mkanis@redhat.com>	2024-06-04 10:45:28 -03:00
Thomas Darimont	35a4a17aa5	Add support for application/jwt media-type in token introspection (#29842 ) Fixes #29841 Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>	2024-06-03 19:06:21 +02:00
Martin Bartoš	262fc09edc	OpenJDK 21 support (#28518 ) * OpenJDK 21 support Closes #28517 Co-authored-by: Václav Muzikář <vaclav@muzikari.cz> Signed-off-by: Martin Bartoš <mabartos@redhat.com> * x509 SAN UPN other name is not handled in JDK 21 (#904) closes #29968 Signed-off-by: mposolda <mposolda@gmail.com> --------- Signed-off-by: Martin Bartoš <mabartos@redhat.com> Signed-off-by: mposolda <mposolda@gmail.com> Co-authored-by: Václav Muzikář <vaclav@muzikari.cz> Co-authored-by: Marek Posolda <mposolda@gmail.com>	2024-06-03 14:17:28 +02:00
mposolda	9074696382	Editing built-in client policy profiles are silently reverted closes #27184 Signed-off-by: mposolda <mposolda@gmail.com>	2024-06-03 14:00:37 +02:00
Pedro Igor	4c39fcc79d	Allow to configure if users are automatically redirected when the email domain matches an organization Closes #30050 Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>	2024-06-03 13:34:21 +02:00
vramik	a8ceada973	Fix creation of domains when creating the organization Closes #29005 Signed-off-by: vramik <vramik@redhat.com>	2024-06-03 10:22:20 +02:00
raff897	6d6131cade	Backchannel logout url with curly brackets closes #30023 Signed-off-by: raff897 <85362193+raff897@users.noreply.github.com>	2024-06-03 09:51:39 +02:00
Stefan Wiedemann	0f6f9543ba	Add oid4vci to the account console (#29174 ) closes #25945 Signed-off-by: Stefan Wiedemann <wistefan@googlemail.com> Co-authored-by: Erik Jan de Wit <edewit@redhat.com> Co-authored-by: Jon Koops <jonkoops@gmail.com>	2024-05-31 15:11:32 +02:00
Patrick Jennings	5144f8d85f	Improve Client Type Integration Tests (#29944 ) closes #30017 Signed-off-by: Patrick Jennings <pajennin@redhat.com>	2024-05-31 09:53:22 +02:00
Andrejs Mivreniks	1cf87407fe	Allow setting authentication flow execution priority value via Admin API Closes #20747 Signed-off-by: Andrejs Mivreniks <andrejs@fastmail.com>	2024-05-30 19:17:45 +02:00

1 2 3 4 5 ...

4766 commits