libre.sh/keycloak-scim
2
0
Fork 0
Code Issues 14 Pull requests Releases Packages Activity Actions 6
14171 commits 4 branches 5 tags 480 MiB
Commit graph

14171 commits

This branch
This branch
All branches
Author SHA1 Message Date
andreaTP
0e398b947b Increase Hang Detection Timeout in Operator Tests 2022-03-16 10:17:13 -03:00
andreaTP
c3348c8931 Deploy a default ingress along with the Deployment 2022-03-16 09:54:48 -03:00
Stian Thorgersen
0de7bae121
Sign artefacts uploaded to Maven Central (#10766) 
Closes #10765
 2022-03-16 13:20:27 +01:00
Yoann Guion
3d470126de include AuthnContextDecl if present during SAML Assertion Serialization 
Closes #10743
 2022-03-16 12:12:35 +01:00
Bruno Oliveira da Silva
6ebad26904
Failure to upload the SARIF file on pull requests (#10725) 
The changes proposed here will resolve the issues we have with
pull-request after the merge of #10606. It creates 3 different
workflows to conditionally execute the job based on changes submitted.

A detailed explanation about the issue can be found on #10717.

Resolves #10717
 2022-03-15 08:59:59 +01:00
Stian Thorgersen
1b214aaed6
Publish directly to Sonatype OSSRH (#10712) 
Closes #10711
 2022-03-15 08:59:11 +01:00
Stian Thorgersen
4eb1720259
GitHub Action to release Keycloak container (#10683) 
Closes #10682
 2022-03-15 08:58:44 +01:00
andreaTP
533a332ca9 Append the legacy CRD using a Json patch 2022-03-14 18:09:33 -03:00
Alexander Schwartz
8d1a47f768 adding missing log4j configuration to prevent errors in the log 
Closes #10613
 2022-03-14 10:12:49 -03:00
Pedro Igor
ad865e75c1 Change the flush mode to auto and fixing how entities are checked if they are loaded in the EM 
Closes #10411
 2022-03-11 12:21:52 -03:00
Bruno Oliveira da Silva
f06ba05405
The CodeQL analysis is broken due to the large content of the SARIF file (#10606) 
The issue was originally caused by high number of flows paths per alert
generated by the LDAP federation module. That was identified taking the
SARIF file generated and running:

```
jq '.runs[0].results | map({query_id: .rule.id, numPaths: .codeFlows |
length})' java.sarif

```

Together we reduced the number of flows paths, adding optimizations to
skip some paths and avoid false alerts.

Co-authored-by: Bruno Oliveira da Silva <bruno@abstractj.com>

Closes #10203

Co-authored-by: Joshua Mulliken <joshua@mulliken.net>
 2022-03-11 13:55:17 +01:00
Stian Thorgersen
30d2dcb7b3
Updates readme to new Quarkus container images (#10706) 
Closes #10564
 2022-03-11 11:09:24 +01:00
Dominik Guhr
fb41c52675
Update to Quarkus 2.7.4 (#10687) 
includes ispn 13.0.6

Closes #10685
 2022-03-11 09:25:34 +01:00
Bruno Oliveira da Silva
68c7032f1e
Mismatch between RESTEasy dependency on Operator and Quarkus distribution Closes #10702 (#10703) 2022-03-11 09:24:54 +01:00
mposolda
9e12587181 Protocol mapper and client scope for 'acr' claim 
Closes #10161
 2022-03-11 09:23:25 +01:00
Martin Bartoš
8ee7ae24de Make WebAuthn feature default for the product version 
Closes #10695
 2022-03-10 19:00:54 +01:00
Dominik Guhr
5233f2a729 Remove wrong message from build command help 
Closes #10664
 2022-03-10 13:36:48 -03:00
Ivan Atanasov
5c6b123aff
Support for the Recovery codes (#8730) 
Closes #9540


Co-authored-by: Zachary Witter <torquekma@gmail.com>
Co-authored-by: stelewis-redhat <91681638+stelewis-redhat@users.noreply.github.com>
 2022-03-10 15:49:25 +01:00
Martin Bartoš
8a0f1ccb34 Properly execute AuthenticationFlowCallbackProviderTest with Map storage 
Closes #10268, Closes #10225
 2022-03-10 15:00:23 +01:00
rmartinc
a7c8aa1dd3
[#10616] Incorrect username logged for federated accounts (#10662) 
Closes #10616
 2022-03-10 13:21:39 +01:00
Marcelo Daniel Silva Sales
0c25da542c
Update secret rotation when the policy is disabled (#10674) 
Closes #10667
 2022-03-10 13:03:09 +01:00
Martin Kanis
1a4d7c297a
Change authentication sessions map to set (#10596) 2022-03-10 08:45:24 +01:00
andreaTP
6504c058dd Harden operator CI 2022-03-09 10:30:18 -03:00
Alexander Schwartz
18f391d8c4 Fix spelling error in field and classname 
It's always a converter, unless electricity is involved.

Closes #10573
 2022-03-09 08:28:52 -03:00
Marcelo Daniel Silva Sales
7335abaf08
Keycloak 10489 support for client secret rotation (#10603) 
Closes #10602
 2022-03-09 00:05:14 +01:00
andreaTP
fd2cd688b8 TLS config in the operator 2022-03-08 15:21:11 -03:00
Dominik Guhr
1710b38cf8 Update to quarkus 2.7.3 
Full changelog on quarkus side: https://github.com/quarkusio/quarkus/releases/tag/2.7.3.Final | startup performance: no degradation | manual smoke tests: passed

Closes #10641
 2022-03-08 13:45:25 -03:00
Pedro Igor
c11a6e3ef0 Allow using an additional persistence unit and datasource 
Closes #10579
 2022-03-08 12:09:49 -03:00
mposolda
d394e51674 Introduce profile 'feature' for step-up authentication enabled by default 
Closes #10315
 2022-03-08 14:42:46 +01:00
rmartinc
48565832d4 [#10608] Password blacklists folder 2022-03-08 08:22:34 -03:00
Dominik Guhr
8454dc5a5d Support for console-JSON and FILE logging 
See logging.adoc for details on the usage

Closes #10523, #10607 and #10415
 2022-03-08 08:19:03 -03:00
Alexander Schwartz
3c3f003a38 LDAP Map storage support to support read/write for roles 
Closes #9929
 2022-03-08 12:03:10 +01:00
mposolda
93bba8e338 Replace 'Store LoA in User Session' with 'Max Age'. Refactoring of step-up authentications related to that. 
Closes #10205
 2022-03-08 10:41:05 +01:00
Martin Bartoš
2bae2d2167 DeleteAccountTest failure in the test pipeline 
Closes #10630
 2022-03-08 08:33:31 +01:00
Martin Bartoš
02d0fe82bc Auth execution 'Condition - User Attribute' missing 
Closes #9895
 2022-03-08 08:24:48 +01:00
Michal Hajas
f77ce315bb Disable Authz caching for new storage tests 
Closes #10500
 2022-03-07 10:22:55 -03:00
Joaquim Fellmann
f569db2e42 Update kubernetes cache-stack documentation 
Closes #10341
 2022-03-07 07:32:18 -03:00
Alexander Schwartz
e1318d52d7 Add section on how to add the initial admin user 
Closes #10531

Co-authored-by: Dominik Guhr <89905860+DGuhr@users.noreply.github.com>
 2022-03-04 13:25:09 -03:00
Michael Parlee
722ce950bf Improve user search performance 
Removes bulder.lower() from user search queries on email and username.

Closes #8893
 2022-03-04 14:15:14 +01:00
Takashi Norimatsu
201277b897 Handle OIDC authz request with "response_type" missing and "response_mode=form_post" 
Closes #10144
 2022-03-04 13:31:40 +01:00
Martin Kanis
6c64d465ea Convert authentication session entities into interface 2022-03-04 10:50:18 +01:00
Alexander Schwartz
ebfc24d6c1 Ensure that Infinispan shutdowns correctly at the end of the tests. Report any exceptions within another thread as a test failure. 
Adding additional information like a thread dump when it doesn't shutdown as expected.

Closes #10016
 2022-03-04 10:47:01 +01:00
Alexander Schwartz
74581b5c10 Workaround for deadlock when shutting down Infinispan in 12.1.7.Final. 
This is tracked in upstream issue https://issues.redhat.com/browse/ISPN-13664

Closes #10016
 2022-03-04 10:47:01 +01:00
Jonathan Vila
c4b978b6c8 Operator Clustering support 
Co-authored-by: Jonathan Vila <jvilalop@redhat.com>
Co-authored-by: Andrea Peruffo <andrea.peruffo1982@gmail.com>
 2022-03-03 16:22:01 -03:00
Takashi Norimatsu
92f6c75328 Nonce parameter should be required in authorizationEndpoint only when "id_token" is included in response_type 
Closes #10143
 2022-03-03 13:26:39 +01:00
Alfredo Boullosa
6801688dd4 Allow Edge tests in Admin Console 
Closes #10539
 2022-03-03 07:14:01 +01:00
wojnarfilip
700ceb77ec Removal of invalid(depricated) SpringBootTest 
Closes #10218
 2022-03-02 09:04:47 +01:00
Jon Koops
beaf8d0348
Remove Node modules from source control (#9963) 2022-03-02 08:49:17 +01:00
Andrea Peruffo
f20cdd6d2a
Add Pod-Template to the Keycloak Deployment Spec (#10098) 2022-03-02 08:13:57 +01:00
Jeff Tian
e2f8e9a4c8 docs: fix typo: if -> is 2022-03-02 07:24:00 +01:00