libre.sh/keycloak-scim
2
0
Fork 0
Code Issues 14 Pull requests Releases Packages Activity Actions 6
26430 commits 4 branches 5 tags 480 MiB
Commit graph

830 commits

Author SHA1 Message Date
Jakub Jirutka
d50fa65247
Refactor kc.sh, kcadm.sh and kcreg.sh scripts, make kc.sh POSIX shell compatible (#21124) 
Closes #22041
 2023-07-27 17:54:18 +02:00
Anhanguera
5bd4d8202f
Replace Windows separator with Unix separator (#20472) 
* Replace Windows separator with Unix separator

Replace Windows separator with Unix separator to avoid building failure on Windows.

Closes #20471

* Use '/' directly instead of File.separate to then replace back to '/'

---------

Co-authored-by: Stian Thorgersen <stian@redhat.com>
 2023-07-27 06:03:49 +00:00
Alexander Schwartz
a1e1fd8d5d
Provide an HTTP 503 response when the thread pool rejected the request (#21963) 
This allows for limiting the queue of the thread pool to avoid overloading Keycloak.

Closes #21962
 2023-07-26 14:47:31 +00:00
Václav Muzikář
ecdf8e897f
Upgrade to Quarkus 3.2.2.Final (#21912) 
Closes #21907
 2023-07-26 16:20:23 +02:00
Takashi Norimatsu
0ddef5dda8
DPoP support 1st phase (#21202) 
closes #21200


Co-authored-by: Dmitry Telegin <dmitryt@backbase.com>
Co-authored-by: mposolda <mposolda@gmail.com>
 2023-07-24 16:44:24 +02:00
Alexander Schwartz
08838f77ca Adding Maven Build Cache Extension as opt-in feature 
Closes #20882
 2023-07-24 13:07:15 +02:00
Martin Bartoš
6766fd6ccc
Warnings about TLS properties on startup (#21869) 
Fixes #21801
 2023-07-21 12:02:46 +00:00
Alexander Schwartz
7c9593f88a
Upgrade Infinispan to 14.0.13.Final (#21565) 
Closes #21564
 2023-07-20 16:59:19 +00:00
Václav Muzikář
776bcbcbd4
Update bcpkix and bcprov dependencies (#21543) 
Closes #21360
 2023-07-20 11:57:18 +02:00
Pedro Igor
bf19c4b07e Re-augmentation failing on windows 
Closes #21625
 2023-07-12 12:02:15 -07:00
Alexander Schwartz
a25df4afea
Align database versions in Quarkus integration tests with the root pom (#21512) 
Now it is using the same version that is used in the integration test and which is stated in the docs as the tested version.

Closes: #15411
 2023-07-10 16:59:26 +02:00
Alexander Schwartz
8bdfb8e1b6 Updating performance information on export/import 
Closes: #20703
 2023-07-07 09:43:59 -03:00
A. Tammy
497d08af1c
make cli usable on OpenBSD (#16462) 
Signed-off-by: Aisha Tammy <aisha@bsd.ac>
Co-authored-by: Aisha Tammy <aisha@bsd.ac>
 2023-07-07 08:58:41 +02:00
Václav Muzikář
3f4d9713e8 Remove elytron and devservices 
Closes #9075
 2023-07-06 12:45:48 -03:00
Peter Zaoral
2b1c29a6f2 Use Quarkus Platform BOM 
Closes #20570
Closes #15870

Co-authored-by: Peter Zaoral <pzaoral@redhat.com>
 2023-07-06 12:45:48 -03:00
Alexander Schwartz
ce13a91ceb Fix property name changed in Quarkus 3.2 
Closes #21456
 2023-07-06 11:44:49 -03:00
Pedro Igor
bde57ca839 Ignoring artifacts when running re-aug to isolate the current and new stores 
Closes #20974
 2023-07-05 07:56:49 -03:00
Pedro Ruivo
10ff4a0ab3 Allow any JGroups stack with --cache-stack 
Closes #21064
 2023-07-03 21:25:32 -03:00
mposolda
0ea2891eee Remove support for OpenJDK 11 on the server side 
closes #15014
 2023-07-03 13:12:22 -03:00
Martin Bartoš
ee205c8fbc
Enable IPv6 dualstack support by default (#21340) 
Closes #15003
 2023-07-03 13:35:33 +00:00
Pedro Igor
0dd7c4a515 Fixing auth-server-quarkus-embedded 2023-06-21 17:18:26 +02:00
Jon Koops
651a7f29fc
Promote Account Console v3 to preview (#20969) 2023-06-15 12:24:01 -04:00
Alexander Schwartz
2b16fda3a1
Setting ParallelGC as the default garbage collector (#20606) 
Closing #20568
 2023-06-05 17:48:28 +02:00
Pedro Igor
4a85b21eb3
Removing unnecessary message from main command help text (#20692) 
Closes #20689
 2023-06-01 09:12:39 +02:00
Andre Nascimento
30c7808d9d Clarify the use of '--db-url-properties' option in its description and in the guide. 
Closes #12720
 2023-05-31 09:41:04 -03:00
stianst
0832992e59 Removing OpenShift integration and moving to separate extension 
closes #20496

Co-authored-by: mposolda <mposolda@gmail.com>
 2023-05-30 17:39:32 +02:00
Pedro Igor
e9accaf387
Show warning message when overriding build options during starts (#20585) 
Closes #20582
 2023-05-29 13:21:57 +02:00
Peter Zaoral
34e5884415
SmallRye Keystore (#20375) 
* added integration with SmallRye Keystore (keycloak#19281)

Closes #11089

Signed-off-by: Peter Zaoral <pzaoral@redhat.com>
 2023-05-25 17:36:20 +02:00
Peter Zaoral
72b238fb48
Keystore vault (#19644) 
* KeystoreVault SPI

* added KeystoreVault - a Vault SPI implementation (#19281)

Closes #17252

Signed-off-by: Peter Zaoral <pzaoral@redhat.com>
 2023-05-24 16:20:30 +00:00
Pedro Ruivo
abd75a786f Enable simple-cache for local-cache 
Closes #20486
 2023-05-24 09:47:20 +02:00
Václav Muzikář
1aa3e2d7e3
Fix processing of env variable references (#20462) 
Closes #20032
 2023-05-22 14:48:59 +02:00
Alexander Schwartz
34a68d9354
Avoid using JBoss dependency which contains some old Log4j classes (#20423) 
This assumes all dependencies already use different logging frameworks

Closes #15844
 2023-05-19 09:01:36 +02:00
Alex Szczuczko
1578506475
Seperate version properties for hibernate-enhance and quarkus-maven (#20264) 
This will allow them to be defined seperately from aligned dependency
versions suitable for product

Closes #20261
 2023-05-18 14:37:55 +00:00
Alexander Schwartz
6851a06fc0
Use non-blocking random generator on Linux, and native Microsoft CryptoAPI on Windows (#20403) 
Closes #20361
 2023-05-17 11:00:37 +02:00
Alexander Schwartz
508e6f5e50
Exit JVM on out-of-memory exceptions (#20363) 
Closes #20362
 2023-05-16 17:24:18 +02:00
rmartinc
fdd5e51dbc SSSD documentation updated for quarkus distribution 
Closes https://github.com/keycloak/keycloak/issues/20263
 2023-05-16 14:26:04 +02:00
Alexander Schwartz
8cfe8b1411
Update the docs on passthrough proxy (#20072) 
Closes #20070
 2023-05-15 15:44:47 +00:00
Martin Bartoš
960e3503ec
Artifact SLF4J LOG4J-12 has been relocated (#20113) 2023-05-05 13:57:45 +02:00
Pedro Igor
c17fcd49c8
Support for non-XA databases (#20141) 2023-05-04 19:08:10 +02:00
Alexander Schwartz
c2c5012cfb Upgrade to latest Infinispan version 14.0.8 
Closes #20067
 2023-05-02 13:45:05 +02:00
Bruno Oliveira da Silva
373b5c1d9f
Update to Quarkus 3.0.1.Final (#20011) 
Co-authored-by: Václav Muzikář <vaclav@muzikari.cz>

Closes #20010
Closes #19080
Closes #17476
Closes #19286
Closes #17557
Closes #17556
Closes #17555
Closes #17475
Closes #15879
Closes #15878
 2023-05-02 10:13:23 +02:00
Martin Bartoš
5a96efad11 Do not display error log for initial admin creation 
Closes #15789

Co-authored-by: Steve Weixel <steve.weixel@quantum.com>
 2023-04-28 14:36:05 +02:00
Martin Bartoš
ba07f1ced3 Ignore HibernateOrmProcessor logs related to persistence.xml 
Closes #19995

Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>
 2023-04-28 08:11:13 -03:00
Martin Kanis
f7988a6ae3 Cleanup Infinispan dependencies in Quarkus dist 
Closes #17368
 2023-04-27 16:28:50 +02:00
Peter Zaoral
bc165686ba Quarkus3 branch sync no. 14 
24.4.2023:
* renamed imports from javax to jakarta as a part of the migration from JavaEE to JakartaEE

Signed-off-by: Peter Zaoral <pzaoral@redhat.com>
 2023-04-27 13:36:54 +02:00
Martin Bartoš
e3e1df2dd6 Fix Quarkus IT (zip) tests 2023-04-27 13:36:54 +02:00
Martin Bartoš
30ea43f06f Remove workaround related to the SmallRye configuration 
Upgrade to Quarkus 3.0.0.Final

Closes #19084
 2023-04-27 13:36:54 +02:00
Alexander Schwartz
143a3bc7ac Revert "Create workaround for "UnsupportedOperationException: compare() not implemented for EntityType"" 
With the update Hibernate 6.2.0.Final this is no longer needed.

Closes #19321

This reverts commit 71bcb409c4f6a1251ce18f32cfd68e4ae528abb3.
 2023-04-27 13:36:54 +02:00
Alexander Schwartz
c3c728230d Fix problem with "Unable to create message factory for SOAP: Unable to create SAAJ meta-factory: Provider com.sun.xml.messaging.saaj.soap.SAAJMetaFactoryImpl not found" when running SAML. 2023-04-27 13:36:54 +02:00
Alexander Schwartz
adb47ac874 Create workaround for "UnsupportedOperationException: compare() not implemented for EntityType" 
Related to: #19321
 2023-04-27 13:36:54 +02:00
Martin Bartoš
fb855538fa Additional settings for JTA TX and Quarkus 2023-04-27 13:36:54 +02:00
Martin Bartoš
5b7e9a2603 Remove WF dependencies, add Jakarta SOAP, fix tests 
---
Quarkus3 branch sync no. 13 (11.4.2023)
Resolved conflicts:
IdeaProjects/keycloak/quarkus/pom.xml - Modified
IdeaProjects/keycloak/quarkus/runtime/pom.xml - Modified
 2023-04-27 13:36:54 +02:00
Martin Bartoš
9796e69d8d Change default transaction type to JTA 2023-04-27 13:36:54 +02:00
Martin Bartoš
8584174099 Change default DB dialects 2023-04-27 13:36:54 +02:00
Martin Bartoš
bc43e4f435 Integrate Jakarta Mail API 2.1.0 2023-04-27 13:36:54 +02:00
vramik
acebf4616e Remove JsonbPostgreSQL95Dialect from quarkus. 
Closes #16549
 2023-04-27 13:36:54 +02:00
Peter Zaoral
0b4f40f89b Quarkus3 branch sync no. 8 
3.3.2023:
* renamed imports from javax to jakarta as a part of the migration from JavaEE to JakartaEE

Signed-off-by: Peter Zaoral <pzaoral@redhat.com>
 2023-04-27 13:36:54 +02:00
Martin Bartoš
a895cc1a60 Fix Quarkus IT tests for Quarkus 3 2023-04-27 13:36:54 +02:00
Martin Bartoš
64738ea708 Fix issues with JakartaEE Mail dependencies 
This reverts commit da4644844ed88818c05d777460624403326ab01c

---
Quarkus3 branch sync no. 12 (31.3.2023)
Resolved conflicts:
keycloak/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/sessionlimits/UserSessionLimitsTest.java - Modified
 2023-04-27 13:36:54 +02:00
Martin Bartoš
b1da7bd613 Revert Mail API 
---
Quarkus3 branch sync no. 13 (11.4.2023)
Resolved conflicts:
keycloak/quarkus/pom.xml - Modified
---
Quarkus3 branch sync no. 12 (31.3.2023)
Resolved conflicts:
keycloak/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/sessionlimits/UserSessionLimitsTest.java - Modified
 2023-04-27 13:36:54 +02:00
Peter Zaoral
4ff2de7f46 Quarkus3 branch sync 
18.1.2023:
* applied Quarkus 3 OpenRewrite recipe
* fixed the parts that were missed by the script

Signed-off-by: Peter Zaoral <pzaoral@redhat.com>
 2023-04-27 13:36:54 +02:00
Martin Bartoš
40c38e0133 Fix dependencies in testsuite, adapters and Quarkus module 
---
Quarkus3 branch sync no. 11 (24.3.2023)
Resolved conflicts:
keycloak/adapters/oidc/spring-security/pom.xml - Modified
 2023-04-27 13:36:54 +02:00
Martin Bartoš
cecd059af2 WiP - Resolve failure with JakartaEE Tx and Infinispan/HotRod 
---
Quarkus3 branch sync #1 (18.1.2023)
Resolved conflicts:
keycloak/quarkus/runtime/pom.xml - Modified
keycloak/quarkus/pom.xml - Modified
keycloak/quarkus/deployment/pom.xml - Modified
 2023-04-27 13:36:54 +02:00
Martin Bartoš
6118e5cfb7 Use JakartaEE dependencies 
---
Quarkus3 branch sync no. 14 (24.4.2023)
Resolved conflicts:
keycloak/pom.xml - Modified
---
Quarkus3 branch sync no. 5 (10.2.2023)
Resolved conflicts:
keycloak/pom.xml - Modified
 2023-04-27 13:36:54 +02:00
Martin Bartoš
7cff857238 Migrate packages from javax.* to jakarta.* 
---
Quarkus3 branch sync no. 14 (24.4.2023)
Resolved conflicts:
keycloak/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/storage/ComponentExportImportTest.java - Modified
keycloak/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/DeclarativeUserTest.java - Modified
keycloak/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/storage/FederatedStorageExportImportTest.java - Modified
keycloak/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/admin/authentication/FlowTest.java - Modified
keycloak/services/src/main/java/org/keycloak/services/resources/admin/UserResource.java	- Modified
---
Quarkus3 branch sync no. 13 (11.4.2023)
Resolved conflicts:
keycloak/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/pages/AccountTotpPage.java - Deleted
keycloak/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/storage/BackwardsCompatibilityUserStorageTest.java - Modified
---
Quarkus3 branch sync no. 12 (31.3.2023)
Resolved conflicts:
keycloak/quarkus/runtime/src/main/java/org/keycloak/quarkus/runtime/services/resources/QuarkusWelcomeResource.java - Modified
keycloak/services/src/main/java/org/keycloak/protocol/saml/profile/util/Soap.java - Modified
keycloak/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/util/UserInfoClientUtil.java - Modified
keycloak/services/src/main/java/org/keycloak/protocol/oidc/endpoints/UserInfoEndpoint.java - Modified
keycloak/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/sessionlimits/UserSessionLimitsTest.java - Modified
---
Quarkus3 branch sync no. 10 (17.3.2023)
Resolved conflicts:
keycloak/services/src/main/java/org/keycloak/protocol/saml/SamlProtocolUtils.java -	Modified
---
Quarkus3 branch sync no. 9 (10.3.2023)
Resolved conflicts:
keycloak/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/federation/kerberos/AbstractKerberosSingleRealmTest.java - Modified
keycloak/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/forms/LoginTest.java - Modified
---
Quarkus3 branch sync no. 8 (3.3.2023)
Resolved conflicts:
keycloak/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/util/SamlClient.java	Modified - Modified
keycloak/services/src/main/java/org/keycloak/protocol/saml/SamlProtocol.java - Modified
keycloak/examples/providers/authenticator/src/main/java/org/keycloak/examples/authenticator/SecretQuestionAuthenticator.java - Modified
---
Quarkus3 branch sync no. 6 (17.2.2023)
Resolved conflicts:
keycloak/integration/admin-client/src/main/java/org/keycloak/admin/client/resource/ComponentsResource.java - Modified
keycloak/testsuite/utils/src/main/java/org/keycloak/testsuite/KeycloakServer.java - Modified
keycloak/services/src/main/java/org/keycloak/protocol/saml/installation/SamlSPDescriptorClientInstallation.java - Modified
---
Quarkus3 branch sync no. 5 (10.2.2023)
Resolved conflicts:
/keycloak/services/src/main/java/org/keycloak/social/google/GoogleIdentityProvider.java	Modified - Modified
keycloak/services/src/main/java/org/keycloak/social/twitter/TwitterIdentityProvider.java - Modified
---
Quarkus3 branch sync no. 4 (3.2.2023)
Resolved conflicts:
keycloak/quarkus/runtime/src/main/java/org/keycloak/quarkus/runtime/integration/jaxrs/QuarkusKeycloakApplication.java - Modified
---
Quarkus3 branch sync no. 1 (18.1.2023)
Resolved conflicts:
keycloak/testsuite/client/ClientPoliciesTest.java - Deleted
keycloak/testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/client/ClientRegistrationTest.java - Modified
keycloak/model/map-jpa/src/main/java/org/keycloak/models/map/storage/jpa/JpaModelCriteriaBuilder.java - Modified
 2023-04-27 13:36:54 +02:00
Peter Zaoral
78958ae434
Fix Base Testsuite timeouts on Windows 2023-04-25 16:01:08 +02:00
Alexander Schwartz
4f8d67c9fc All commands now auto-reaugment except show-config 
Closes #15782
Closes #15898
Closes #17498
 2023-04-21 15:06:51 +02:00
Andre Nascimento
a7153af7b0 Port of the custom extension 'Hostname Debug Tool' to Keycloak. 
Co-authored-by: stianst <stian@redhat.com>

Closes #15910
 2023-04-21 13:53:33 +02:00
Alex Szczuczko
edaa84b1e5
Build the operator container via Dockerfile (#19642) 
Closes #16967
 2023-04-21 08:32:29 +02:00
Pedro Igor
13f97a799e Switch to quarkus-extension-maven-plugin 
Closes #19560
 2023-04-17 15:47:12 +02:00
Jon Koops
a2eb619e0e
Include Account Console version 3 as a theme (#19641) 2023-04-13 09:41:40 -04:00
mposolda
863d28e232 Promote FIPS 140-2 to supported in Keycloak 22 
closes #17234
 2023-04-12 15:29:54 +02:00
Pedro Igor
83676bf927 Extract JUnit5 support in the distributoin testsuite to a separate module 
Closes #19552
 2023-04-11 10:48:56 +02:00
Sebastian Schuster
615dc89e13
14613 increase max URI and header length to Wildfly defaults (#19551) 2023-04-05 18:21:53 +00:00
Václav Muzikář
d540f449f0 Upgrade agroal (#17642) 
Closes #17161
 2023-04-04 20:21:42 +02:00
Sebastian Schuster
1c9992fdae
Removed lots of unnecessary quotes and allowed passing quoted argument values 
Closes #16189
Closes #16319
 2023-04-04 11:53:47 -03:00
mposolda
c6f13363b9 Add nashorn javascript engine to Keycloak server 
closes #17671
 2023-04-04 14:56:46 +02:00
Pedro Igor
d857ea8ec2 Removing custom classloader and allow loading drivers at runtime 
Closes #13205

Co-authored-by: Brett Lounsbury <brett.lounsbury@nasdaq.com>
 2023-03-31 18:05:55 +02:00
sbrajchuk
5202ba0245 Set default object store directory for quarkus transaction-manager via application.properties 2023-03-30 17:24:04 +02:00
Pedro Igor
cda0c9dce0 Avoid initing the profile multiple times during re-augmentation 
Closes keycloak#19324
 2023-03-27 14:39:48 -03:00
Pedro Hos
aa9744246c NPE on welcome page when 'spi-theme-default' doesn't exists #15476 
closes #15476
 2023-03-27 09:23:08 +02:00
Alexander Schwartz
251f6151e8 Rework the Import SPI to be configurable via the Config API 
Also rework the export/import CLI for Quarkus, so that runtime options are available.

Closes #17663
 2023-03-24 15:28:55 -03:00
Václav Muzikář
c366901224 Fix dist build race condition 
Closes #19251
 2023-03-22 18:44:54 -03:00
Alexander Schwartz
513bb809f3 Add a map storage global locking implementation for JPA 
Closes #14734
 2023-03-21 08:21:11 +01:00
rmartinc
bef0a4a6f1 Check frontendUrl in the hostname providers 
Closes https://github.com/keycloak/keycloak/issues/17686
 2023-03-20 18:54:58 -03:00
Thomas Darimont
ce1e0a65e7
Add keycloak-rest-admin-ui-ext to quarkus app (#17650) 
Fixes #17649
 2023-03-14 14:35:08 +00:00
Jon Koops
96aa4b3394
Add Maven build for the Admin UI (#17552) 2023-03-13 18:16:12 +00:00
Simon Bäurle
4c4b266cb4 #16226 explicitly set UTF-8 as stdin and stdout encoding 2023-03-13 14:01:40 +01:00
Pedro Igor
af475ffe23 Fixing classloading issue due to the curated application being eagerly closed 2023-03-13 09:34:49 +01:00
vramik
31e4c5cb7e Add storage-jpa-db property into Quarkus. Distinguish postgres and crdb for jpa map store. 
Closes #17305
 2023-03-09 11:09:56 +01:00
mposolda
bc0e2d04b7 Make Keycloak container working on FIPS environment - adding sqlite-libs package back to the dist 
closes #17253
 2023-03-09 10:38:26 +01:00
Alexander Schwartz
4cf5c11020 Fix start-dev mode on Windows by avoiding backslashes escaping expressions 
Closes #17413
 2023-03-07 10:38:43 -03:00
Alexander Schwartz
f6f179eaca Rework the export to use CLI options and property mappers 
Also, adding the wiring to support Model tests for the export.

Closes #13613
 2023-03-07 08:22:12 +01:00
Jon Koops
6d2e57f93a
Move Keycloak JS into the NPM workspace (#17401) 2023-03-03 13:56:53 +01:00
Jon Koops
972ebb9650
Use a valid SemVer format for the SNAPSHOT version (#17334) 
* Use a valid SemVer format for the SNAPSHOT version

* Update pom.xml

* Update pom.xml

---------

Co-authored-by: Stian Thorgersen <stianst@gmail.com>
Co-authored-by: Stian Thorgersen <stian@redhat.com>
 2023-03-03 11:11:44 +01:00
hanouard
4a96afb374
Removing nonexistent path '../lib/bootstrap/*' from the classpath (#15914) 
Closes #15911
 2023-03-01 16:14:19 -03:00
Alexander Schwartz
42f66f2c6f Avoid recording metrics for http server endpoints while they contain resource IDs 
Closes #17281
 2023-03-01 09:58:30 +01:00
Pedro Igor
9874da150e Avoid resolving expressions twice but rely on MP config expression support 
Closes #16573
 2023-03-01 09:22:27 +01:00
Joerg Matysiak
8a2d645dd4 Avoid internal server error when root path and non-appliation root path are both set and the wrong metrics/health endpoint is called. 
Fixes #17166

Avoid internal server error when root path and non-appliation root path are both set and the wrong metrics/health endpoint is called.

Fixes #17166
 2023-02-27 11:14:10 -03:00
Pedro Igor
2b98fcdecb Support for standard Forwarded header 
Closes #11580
 2023-02-22 19:28:04 +01:00
rmartinc
f91ac2970d
Polish fips-mode switch for preview (#17228) 
* Polish fips-mode switch for preview
Closes #17208 #17210 


Co-authored-by: mposolda <mposolda@gmail.com>
 2023-02-22 12:12:52 +01:00
mposolda
4f068fcdcc Make https-trust-store-type set to bcfks by default in strict-mode 
Closes #17119
 2023-02-16 08:00:21 -03:00
Alexander Schwartz
e76418e3de Removing unused code, as JPA Map storage always uses JTA nowadays 
Closes #13222
 2023-02-16 11:08:37 +01:00
Alexander Schwartz
febe134d5b Make the event listeners specific to the persistence unit 
Closes #13219
 2023-02-16 11:08:15 +01:00
Pedro Igor
3be2775f9e Do not enable storage chm by default if db option is set 2023-02-16 08:30:45 +01:00
rmartinc
fbc9177f27 Doublecheck if we need to override properties in java.security 
Closes https://github.com/keycloak/keycloak/issues/16702
 2023-02-15 12:33:48 +01:00
Michal Hajas
1f929c78af Make lockTimeout more friendly for JPA map storage 
Closes #16616
 2023-02-15 10:38:18 +01:00
Alex Szczuczko
6319b462c7 Upgrade to ubi9 parent image 
This PR switches the Quarkus Dockerfile to use `ubi9` parent images instead of `ubi8` ones.

ubi-null.sh has some minor changes to handle differences in RHEL 9. It's also been renamed.

Closes #17057
 2023-02-14 09:46:58 +01:00
Václav Muzikář
a266cdcba9 Fix bug, add tests 2023-02-13 17:09:36 -03:00
Václav Muzikář
a57821ed80 Fix JDK 17 InaccessibleObjectException with infinispan 2023-02-13 17:09:36 -03:00
Pedro Igor
2059ffb219 Make sure the distribution is using FIPS providers 
Closes #12428
 2023-02-10 17:26:55 +01:00
Pedro Igor
22e256149c Make it possible to run the embedded distribution in FIPS mode 
Closes keycloak#16962
 2023-02-09 16:14:01 -03:00
Alex Szczuczko
610e3044ad Minimize the RPM content of the Quarkus container 
Even though we use `ubi8-minimal` as the parent of our container, it
still has many RPMs installed that aren't necessary to run the Keycloak
server. Also, since the JDK RPM (that we install on top of
`ubi8-minimal`) is designed for general use, it pulls in more dependency
RPMs than it strictly needs to, like cups and avahi. Keycloak will never
need to access a printer itself!

Trimming down these excess RPMs will improve our CVE statistics with
automated scanners, and therefore let us perform fewer CVE rebuilds.

`ubi8-null.sh` uses the low-level `rpm` command to identify and forcibly
remove dependencies and operating system files that are not required to
boot our Quarkus-based server. This includes `microdnf` and `rpm`
itself! I have preserved bash however, so it's still possible to debug
the container from a shell.

I've created an initial set of allow/disallow lists, that seems to pass
a smoke test (server boots, admin console works). This leaves 37
packages installed, with 96 removed relative to `ubi8-minimal`. We could
go more minimal than this, or less minimal if required. Trial and error
is required.

Closes #16902
 2023-02-09 11:20:09 +01:00
vramik
fc9e9e6fda Add support for file store configuration into Quarkus 
Closes #16821
 2023-02-08 14:49:53 +01:00
Stian Thorgersen
4782a85166
Remove old admin console feature (#16861) 
* Remove old admin console feature

Closes #16860

* Update help txt files for Quarkus tests
 2023-02-07 12:59:35 +01:00
Pedro Igor
263e86e434 Support paths without a beginning slash when setting the root path 
Closes #16002
 2023-02-02 17:41:22 +01:00
Pedro Igor
b5fb528508 Do not enable caching metrics by default and provide a guide 
Closes #16751
 2023-02-01 18:55:43 +01:00
Alexander Schwartz
c6aba2e3de Make LockAcquiringTimeoutException a RuntimeException 
Closes #16690
 2023-01-31 08:21:32 +01:00
Alexander Schwartz
7933f0489d Align startup of Quarkus with the regular startup to ensure boostrap locks are created. 
Also fixing an issue where DBLockGlobalLockProviderFactory held on to an old session, which lead to a closed DB connection on Quarkus.

Closes #16642
 2023-01-30 12:59:40 +01:00
mposolda
a804400c84 Added KERBEROS feature. Disable it when running tests on FIPS 
closes #14966
 2023-01-25 18:38:46 +01:00
Sebastian Schuster
54c34dc75b 15901 enabled Infinispan metrics 2023-01-25 04:26:35 -08:00
Stian Thorgersen
8d05895adb
Move Admin REST extension to main repository (#16530) 
Closes #16529
 2023-01-19 13:06:21 +01:00
Pedro Igor
33cb1ad7cd Support runnning tests using an embedded distribution 
Closes #16420
 2023-01-13 12:03:36 -08:00
Pedro Igor
4d2f86202d Remove Hashicorp Support 
Closes #9144
 2023-01-13 15:52:19 +01:00
Pedro Igor
6ac65f62d7 tests 2023-01-12 12:19:40 -08:00
Dominik Guhr
7398d7e1ed initial impl of running export/import without serving 2023-01-12 12:19:40 -08:00
Pedro Igor
522bf1c0b0 Keep consistency when importing realms at startup when they are exported via the export command 
Closes #16281

Co-authored-by: Martin Bartoš <mabartos@redhat.com>
 2023-01-06 18:53:01 +01:00
Michal Hajas
6566b58be1 Introduce Infinispan GlobalLock implementation 
Closes #14721
 2023-01-05 16:58:44 +01:00
Hynek Mlnarik
071fc03f41 Move transaction processing into session close 
Fixes: #15223
 2023-01-05 16:12:32 +01:00
Martin Kanis
c0e103dc95 Replace old HotRod index annotation with new one 2022-12-21 12:50:08 +01:00
mposolda
36bd76957d Make Keycloak FIPS working with OpenJDK 17 on FIPS enabled RHEL 
Closes #15721
 2022-12-20 21:03:55 +01:00
Alexander Schwartz
0fee33bb95 Normalize JVM heap usage in tests and handle OOM situations 
Closes #16089
 2022-12-20 13:26:07 +01:00
Alexander Schwartz
1d758fac2b
Adding CRDB into GHA for the new store (#16021) 
The CockroachDB database is slower than PostgreSQL, therefore it will only run branches and nightly builds.

Closes #16020
 2022-12-17 08:50:21 +01:00
Pedro Igor
4d00da2df7 Use git checkout to rever changes 
Closes #15644
 2022-12-15 13:46:48 -08:00
Pedro Igor
f32e012c11 Make it possible to set a custom user and cache providers when using legacy store 
Closes #15008
 2022-12-15 16:56:20 +01:00
Martin Bartoš
445e953501 Java 17 support not given 
Fixes #15916
 2022-12-14 11:59:50 -08:00
Stian Thorgersen
a5670af745
Keycloak CI workflow refactoring (#15968) 
* Keycloak CI workflow refactoring

Closes #15861

* Update testsuite/integration-arquillian/tests/base/testsuites/base-suite.sh

Co-authored-by: Hynek Mlnařík <hmlnarik@users.noreply.github.com>

* Update testsuite/integration-arquillian/tests/base/testsuites/suite.sh

Co-authored-by: Hynek Mlnařík <hmlnarik@users.noreply.github.com>

* Update testsuite/integration-arquillian/tests/base/testsuites/suite.sh

Co-authored-by: Hynek Mlnařík <hmlnarik@users.noreply.github.com>

* Update CodeQL actions

Co-authored-by: Hynek Mlnařík <hmlnarik@users.noreply.github.com>
 2022-12-14 16:12:23 +01:00
Pedro Igor
d27a5d5b42
Do not execute test methods before HTTPS listener is not ready (#15984) 
Closes #15904
 2022-12-14 07:47:43 +01:00
Pedro Igor
0c4ac62a5f Disabling strict https if hostname is diasabled 
Closes #15287
 2022-12-12 09:10:39 -08:00
Pedro Igor
a861d633e2 Resolving dns names used from tests from local host file 
Closes #15904
 2022-12-12 02:35:59 -08:00
Alexander Schwartz
e4804de9e3 Changing Quarkus transaction handling for JPA map storage to JTA 
This has been recommended as the supported way of transaction handling by the Quarkus team.
Adding handling of exceptions thrown when committing JTA.
Re-adding handling of exceptions when interacting with the entity manager, plus wrapping access to queries to map exceptions during auto-flushing.

Closes #13222
 2022-12-09 10:07:05 -03:00
Peter Zaoral
1073a342cf Cleanup dependencies and align with Quarkus 
* aligned parent POM dependency versions with the Quarkus BOM

Closes #15325

Signed-off-by: Peter Zaoral <pzaoral@redhat.com>
 2022-12-09 09:10:30 -03:00
Pedro Igor
1673906a54 Improving quarkus testsuite execution time 
Closes #13544
 2022-12-05 15:06:36 +01:00
Sebastian Schuster
3c6e2c3c1e 15234 switch to micrometer metrics 2022-12-05 08:11:35 -03:00
Pedro Igor
168734b817 Removing references to request and response from Resteasy 
Closes #15374
 2022-12-01 08:38:24 -03:00
Stefan Guilhen
55b2162421 Create map-file module with empty implementations 
Closes #15706
 2022-11-29 12:58:55 +01:00
Pedro Igor
17bf092da6 Keycloak wrongly assumes that the default datasource is the first one 
Closes #15608
 2022-11-25 16:32:47 +01:00
Bruno Oliveira da Silva
c31ad8424c
Update to Quarkus 2.14.1.Final (#15601) 2022-11-23 16:00:52 +01:00
Martin Kanis
8478b01758 Stop reindexing indexes on new version 2022-11-23 10:57:28 +01:00
Michal Hajas
6d683824a4 Deprecate DBLockProvider and replace it with new GlobalLockProvider 
Closes #9388
 2022-11-16 16:13:25 +01:00
Martin Kanis
5e891951f5 Update Infinispan version to 14.0.2.Final 2022-11-16 14:56:45 +01:00
Stefan Guilhen
bc014d3e69 Upgrade Liquibase to version 4.16.1 
* aligns with version used in quarkus

Closes #15089
 2022-11-16 13:14:23 +01:00
Peter Zaoral
13fcb9ca34 Unstable CustomJpaUserProviderDistTest on Windows 
* remove the starting slash from file URI

Closes #15371

Signed-off-by: Peter Zaoral <pzaoral@redhat.com>
 2022-11-14 17:24:03 +01:00
Fouad Almalki
316479f3f5
Fix classpath separator for windows startup script (#15300) 
Closes #15281

Co-authored-by: Stian Thorgersen <stianst@gmail.com>
 2022-11-07 15:08:11 +01:00
stianst
1de9c201c6 Refactor Profile 
Closes #15206
 2022-11-07 07:28:11 -03:00
Alexander Schwartz
1b7ae48dcb Use RESOURCE_LOCAL transactions for JPA map storage 
Closes #15248
 2022-11-01 16:43:46 -03:00
Pedro Igor
f6985949b6
Close the session within resteasy boundaries (#15193) 
Closes #15192
 2022-11-01 11:06:34 +01:00
Bruno Oliveira da Silva
ec73533895 Upgrade to Quarkus 2.13.3 
Resolves #15032
Resolves #14785
Resolves #14833
 2022-10-24 12:40:24 -03:00
Alexander Schwartz
1059b3a837
Log errors when welcome page can't be shown on Quarkus (#14995) 
Closes #14994
 2022-10-21 07:38:33 +02:00
Stian Thorgersen
97ae90de88
Remove Red Hat Single Sign-On product profile from upstream (#14697) 
* Remove Red Hat Single Sign-On product profile from upstream

Closes #14916

* review suggestions: Remove Red Hat Single Sign-On product profile from upstream

Closes #14916

Co-authored-by: Peter Skopek <pskopek@redhat.com>
 2022-10-18 14:43:04 +02:00
Marek Posolda
0756ef9a75
Initial integration tests with BCFIPS distribution (#14895) 
Closes #14886
 2022-10-17 23:33:22 +02:00
Bruno Oliveira da Silva
90369f7540
Upgrade to latest Quarkus 2.13.2 (#14834) 
Upgrade to latest Quarkus 2.13.2

Resolves #14817
 2022-10-17 12:05:35 +02:00
Alexander Schwartz
97c4495c4f Updating H2 database to 2.x 
Closes #12607

Co-authored-by: Stian Thorgersen <stian@redhat.com>
 2022-10-14 11:52:34 +02:00
Martin Kanis
761929d174
Merge ActionTokenStoreProvider and SingleUseObjectProvider (#13677) 
Closes #13334
 2022-10-13 09:26:44 +02:00
Stian Thorgersen
fda26385ec
Add profile feature for hosting keycloak.js on the server (#14771) 
* Add profile feature for hosting keycloak.js on the server

Closes #14770

* Updated txt files for HelpCommandTest
 2022-10-10 08:00:50 +02:00
Pedro Igor
cff5cfb6df Avoid including user managed entities into the default PU 
Closes #12442
 2022-09-23 18:01:43 +02:00
Pedro Igor
00e4c3567a Make it possible to switch between BC and BC-FIPS libraries 
Closes #12424
 2022-09-23 07:50:02 -03:00
Pedro Igor
54c1f1b85a Upgrade Quarkus 2.12.2 
Closes #14408
 2022-09-14 15:36:50 -03:00
Thomas Darimont
962a685b7b KEYCLOAK-15773 Control availability of admin api and admin-console via feature flags 
Inline profile checks for enabled admin-console to avoid issues during
static initialization with quarkus.

Potentially Re-enable admin-api feature if admin-console is enabled
via the admin/admin2 feature flag.

Add legacy admin console as deprecated feature flag
Throw exception if admin-api feature is disabled but admin-console is enabled

Adapt ProfileTest

Consider adminConsoleEnabled flag in QuarkusWelcomeResource
Fix check for Admin-Console / Admin-API feature dependency.

Add new features to approved help output files

Co-authored-by: Stian Thorgersen <stian@redhat.com>
Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>
 2022-09-09 18:18:51 -03:00
Marek Posolda
040e52cfd7
SAML javascript protocol mapper: disable uploading scripts through admin console by default (#14293) 
Closes #14292
 2022-09-09 13:47:51 +02:00
Pedro Igor
ced18f2722 Requests to health endpoint still dispatched to worker threads when http-relative-path is set 
Closes #14011
 2022-08-31 12:42:41 +02:00
Pedro Igor
127569ed2f
Upgrade to Quarkus 2.12.0.Final (#14006) 
Closes #14003
 2022-08-30 16:48:20 +02:00
Knut Sander
d5b3fb98d1 replace backtick in kc.sh by $() 2022-08-30 08:38:52 -03:00
Knut Sander
2cbbde499b fix kc.sh to work with cygwin environments 2022-08-30 08:38:52 -03:00
Stian Thorgersen
aeba5e9f4b
Add FreeMarkerProvider to prevent multiple instances of FreeMarker templates (#14062) 
* Add FreeMarkerProvider to prevent multiple instances of FreeMarker templates

Closes #19185
 2022-08-29 08:42:53 -03:00
Pedro Igor
52aad0bbdc Allow setting a URL to configure frontend and admin URLs 
Closes #13524

Co-authored-by: Stian Thorgersen <stianst@gmail.com>
 2022-08-25 23:03:09 -03:00
Erik Jan de Wit
e7a3e4b601
Revert "removing admin ui excludes (#13752)" (#13958) 
This reverts commit 15b258bf26.

Co-authored-by: Stian Thorgersen <stianst@gmail.com>
 2022-08-25 14:43:58 +02:00
Pedro Igor
2b9a0bff51
Do not run build when executing import and export commands (#13942) 
Closes #13940
 2022-08-25 13:43:18 +02:00
Michal Hajas
05b9e6d59e
Upgrade Infinispan to 13.0.10.Final (#13910) 
Closes #12306
 2022-08-25 13:09:34 +02:00
Dominik Guhr
a76b597b35 Remove unused ALL_OPTIONS pattern from options. 
Closes #13850
Closes #13947
 2022-08-24 17:12:11 -03:00
Pedro Igor
2a2ada9575
Improve how expected values are set to options (#13842) 
Closes #13841
 2022-08-19 14:55:01 +02:00
Pedro Igor
5f2191813a
Remove unnecessary code paths during startup (#13848) 
Closes #13847
 2022-08-19 14:54:11 +02:00
Alexander Schwartz
bd926b8fd0 Remove warning from StoragePropertyMappers about the deployment state version seed 
It duplicates the logic in the provider and is incomplete. A follow-up issue will investigate how a provider can defer a configuration option.

Closes #13807
 2022-08-17 13:55:05 -03:00
Erik Jan de Wit
15b258bf26
removing admin ui excludes (#13752) 
fixes: #13751
 2022-08-17 07:18:27 -04:00
Pedro Igor
e3af0610e2 Support running base testsuite on Windows 
Closes #12648

Co-authored-by: Dominik Guhr <dguhr@redhat.com>
 2022-08-10 20:03:53 -03:00
Michal Hajas
ec808d28bb Remove possibility to start embedded HotRod server in hotrod-map module 
Closes #13247
 2022-08-05 21:08:38 +02:00
Pedro Igor
f7d258f333 IDELauncher not recognizing CLI options at runtime 
Closes #13517
 2022-08-04 09:55:19 -03:00
Pedro Igor
333a4c900f Revert changes that block themes being loaded from custom providers 
Closes #13401
 2022-08-04 13:34:12 +02:00
Pedro Igor
0d3ca438ed Aligning kc.bat with latest changes to kc.sh 
Closes #11185
Closes #13472
 2022-08-03 13:05:07 +02:00
Dominik Guhr
43afcf11ac add gelf log level option 
also aligns writing in logging.adoc to always use GELF instead of gelf/Gelf in plain text.

Closes #13397
 2022-08-01 12:28:47 -03:00
Dominik Guhr
10e3c797a3 Only show non-hidden options in --help-all for options where supportlevel is not SUPPORTED 
Closes #13385
 2022-08-01 10:03:28 -03:00
Dominik Guhr
059a132476 Fixes the regression in 19 for MariaDB, MySQL and other DBs 
databases that are not using an official liquibase type in Database.java could not be seeded anymore because

the liquibase types we use in model-jpa were not indexed and loaded during the build anymore.

Introduces highly needed tests for other databases than postgres, because postgres has an official liquibase databasetype in its list

in database.java and as such differs from nearly all other vendors.

Closes #13389
 2022-07-28 20:40:51 +02:00
Alexander Schwartz
8470a30446 Introduce CLI parameter to set the deployment state version seed 
Closes #12710
 2022-07-27 20:10:17 +02:00
Alexander Schwartz
7f355b43f8 Add prefix to the area Map storage options for Quarkus 
Closes #13355
 2022-07-27 11:00:25 +02:00
Stian Thorgersen
ae33af92d9
Promote new admin console to default (#13243) 
Closes #13242
 2022-07-27 10:13:49 +02:00
Alexander Schwartz
67e2f342a9 Allow Quarkus configuration to mix different storage providers 
Closes #13312
 2022-07-26 21:56:16 +02:00
Michal Hajas
3589778a10 Add possibility to configure HotRod storage in Quarkus distribution 
Closes #12617
 2022-07-26 14:13:39 +02:00
Alexander Schwartz
9a89560771 Liquibase should differentiate between CockroachDB and PostgreSQL despite them same driver 
Only this way the different SQL script for CockroachDB and PostgreSQL will work as expected on Quarkus.

Closes #13317
 2022-07-26 07:41:15 +02:00
Dominik Guhr
878e3e0cbc
change --help to only show "supported" options (#13304) 
* Unsupported options only shown when using help-all
* reworked impl based on comment in #13284
* Also fixes minor things of #13284 as unused imports

Closes #13283

Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>
 2022-07-25 19:34:10 +02:00
Dominik Guhr
9bb1299d89 change optimised to optimized 
also: fix kc.bat to not use autobuild in devmode anymore, fix containers.adoc to not use auto_build naming, fix build command cli help as it is not required anymore to run it beforehand.
 2022-07-22 10:29:07 -03:00
Pedro Igor
e14bd51656 Properly enable/disable metrics and health endpoints 
Closes #11506

Co-authored-by: Dominik Guhr <dguhr@redhat.com>
 2022-07-22 09:41:29 -03:00
Alexander Schwartz
cb81a17611 Disable Infinispan for map storage and avoid the component factory when creating a realm independent provider factory 
Provide startup time in UserSessionProvider independent of Infinispan,
cleanup code that is not necessary for the map storage as it isn't using Clustering.
Move classes to the legacy module.

Closes #12972
 2022-07-22 08:20:00 +02:00
nchopra
4fd3049c85 [12826] Configuring Postgres and MariaDb version 2022-07-20 11:31:59 -03:00
Alexander Schwartz
4d19099c66 Workarounds to make Listeners and non-autocommit work on Quarkus 
Closes #13200
 2022-07-20 12:06:06 +02:00
Pedro Igor
2f216ad505 Do not exit when restarting the server in dev mode. Initial contributing guide. 
Closes #13196

Co-authored-by: Dominik Guhr <dguhr@redhat.com>
 2022-07-19 18:42:48 -03:00
Dominik Guhr
b563028f42 Rename Cluster to Cache in cli help and rename classes to refer to caching 
Should be merged after the changes to auto-build are in to avoid more merge conflicts

Closes #13124
 2022-07-19 08:17:39 -03:00
Alexander Schwartz
f490638971 Fall back to standard Liquibase locking 
As DBLockProvider is "none" for the Map storage providers, there is no locking provided by DB Lock
provider.

Liquibase's classic lock provider has issues that need to be tackled in a follow-up issue, see https://github.com/liquibase/liquibase/issues/1311

Closes #13130
 2022-07-19 10:45:31 +02:00
Alexander Schwartz
3f5a087db9 Enable JPA map user session store 
Also removing previous workarounds when this wasn't available, yet.

Closes #13121
 2022-07-19 08:58:51 +02:00
Pedro Igor
89028613d8 Introducing --optimise option 
Closes #10737
 2022-07-15 15:12:17 -03:00
Pedro Igor
f6a2b334d1
Integrate the JPA map store (#13097) 
Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>
 2022-07-14 17:47:51 -03:00
Pedro Igor
b80731decf
Remove any legacy provider from runtime when running the new store (#12963) 2022-07-13 07:30:14 -03:00
Dominik Guhr
e9714c78a6 Fix internal filepath for logging on windows 
Alo fixes filepath for concurrenthashmap and one windows-only test referencing now non-existing QuarkusJpaConnectionProviderFactory log output in LoggingDistTest

Closes #12984
 2022-07-11 08:23:26 -03:00
Dominik Guhr
1edce54aff Baseline: Ability to set SupportLevel for categories and show marker in CLI help 
Closes #12927
 2022-07-07 12:48:19 -03:00
Alexander Schwartz
2c0cebea47 Direct kc.home.dir to Maven's target folder 
This prevents files created, for example, the store to end up in the user's home directory.

Closes #12850
 2022-07-04 10:50:53 -03:00
Dominik Guhr
1d6dde02e5 Add support and docs for centralized logging using gelf. 
* 99% 1:1 wrapper of the underlying quarkus gelf extension.
* excluded `filter-stack-trace` and `stack-trace-throwable-reference` options for now, as they are either undocumented on the quarkus side or not important imo.
* added docs and examples for Graylog and ELK stack
* NOT added an automated test, as this is really a 1:1 wrapper around the extension, Test setup would be cumbersome, test would take too much time and tests are done in quarkus itself.

Closes #12125
 2022-06-30 16:16:19 -03:00
Dominik Guhr
c19428aa81 introduce hidden transaction-jta-enabled config option 
Closes #12400
 2022-06-30 16:01:23 -03:00
Pedro Igor
605b51890e Enables the new store and the concurrenthashmap provider 
Closes #12651
 2022-06-30 10:55:22 -03:00
Marek Posolda
be1e31dc68
Introduce crypto/default module. Refactoring BouncyIntegration (#12692) 
Closes #12625
 2022-06-29 07:17:09 +02:00
andreaTP
e3ece8244f From supported runtimes back to hidden 2022-06-28 11:33:44 -03:00
andreaTP
006aea300d A better structure for config-api 2022-06-28 11:33:44 -03:00
Pedro Igor
c972ec4383 Allow to conditionally bootstrap the default persistence unit 
Closes #12662
 2022-06-27 08:26:37 -03:00
Pedro Igor
95528e77bb
Fixing env vars precedence over conf file (#12638) 
Closes #12413
 2022-06-22 15:13:58 +02:00
Marek Posolda
3f5741e988
Possibility to switch between FIPS and non-FIPS during keycloak+quarkus seerver build (#12513) 
* Possibility to switch between FIPS and non-FIPS during keycloak+quarkus server build

Closes #12522
 2022-06-21 11:17:45 +02:00
Hynek Mlnarik
64b1e976af Quarkus 2022-06-21 08:53:06 +02:00
andreaTP
3abcc699a1 Move all dist options to the new module 
Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>
 2022-06-17 09:06:40 -03:00
Václav Muzikář
60702cfb44 KerberosLdapTest is failing on Undertow 2022-06-14 20:20:44 +02:00
Dominik Guhr
9df0d9a5c4 Fixes wrong values shown for configkeys (e.g. http-enabled) in show-config when in dev-mode. 
also removes unnecessary internal and self-referencing values from output

Closes #9525

Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>
 2022-06-14 09:19:03 -03:00
Václav Muzikář
105d3b955b Refactor Operator test packages 2022-06-13 10:01:43 -03:00
Bruno Oliveira da Silva
cd1ea3054e
Snyk workflow failing while building Quarkus (#12389) 
Resolves #12380
 2022-06-10 10:18:07 -03:00
Dominik Guhr
b5c8f92fe7
Update Quarkus to 2.7.6.Final (#12371) 
Resolves #12370
 2022-06-10 09:14:59 -03:00
Pedro Igor
5e5cfff4e2 Resolve default values for runtime options when running re-aug 
Closes #10818
 2022-06-09 08:32:30 -03:00
Pedro Igor
b34f46155c Allow setting the admin hostname 
Closes #12190
 2022-06-08 16:41:43 -03:00
Pedro Igor
8aecba1795 Fixing how realm frontendurl is cached when resolving the hostname 
Closes #11894
 2022-06-08 16:41:25 -03:00
Pedro Igor
c18b87af5f Keycloak server fails to start when using different named schema 
Closes #12219
 2022-06-08 09:10:25 -03:00
Marek Posolda
eed944292b
Make script providers working on JDK 17 (#11322) 
Closes #9945
 2022-05-27 12:28:50 +02:00
andreaTP
d66710205c Refactor dist config to a common module 2022-05-26 12:07:03 -03:00
Pedro Igor
6156272f39
Persisted config source not loading properties at runtime (#12157) 
Co-authored-by: Dominik Guhr <dguhr@redhat.com>
 2022-05-25 16:29:37 -03:00
Martin Bartoš
86f31e8df5 Fix BlacklistPasswordPolicyDefaultPath Failures on Windows 
Fixes #11967
 2022-05-24 17:26:19 -03:00
Pedro Igor
b5a5d68dbc Imposing certain constraints to files when importing at start-up 
Closes #11861
 2022-05-16 16:49:42 +02:00
Dominik Guhr
1162952432 Quarkus Tests on Windows 
Tested using Windows 10 locally

Closes #10926
 2022-05-05 11:56:29 -03:00
Pedro Igor
eab2dff979
Loading message bundles using the flat-classpath theme provider (#11711) 
Closes #11186
 2022-05-05 15:34:54 +02:00
Dominik Guhr
acd4f5f793 set the standardcharset to UTF-8 
Closes #10462
 2022-05-03 16:14:34 -03:00
Kai Josef Schauerte
016c28e7a5 Added a hint to the --cache-config-file config option that you not need to specify the configuration folder 
Closes #11302
 2022-05-03 09:48:22 -03:00
Dominik Guhr
82b8a4254a Update infinispan to prevent null pointer exception error 
Closes #11645
 2022-04-29 14:19:01 -03:00
Daniel Schömer
09381faad7
Update kc/kcadm/kcreg.sh to support JAVA and JAVA_HOME (#11337) 
When executing Keycloak Quarkus `bin/kc.sh`, `bin/kcadm.sh`, `bin/kcreg.sh`,
the first java command found in `$PATH` is executed. The environment
variables `JAVA` and `JAVA_HOME` are not available to specify the java
command / JVM to execute.

This commit updates `bin/kc.sh`, `bin/kcadm.sh`, and `bin/kcreg.sh` to support
environment variables `JAVA` and `JAVA_HOME`.

Resolves #11336
 2022-04-25 09:14:44 +02:00
Dominik Guhr
ea552687fb
Fixes wrong encoding in container image (#11547) 
Closes #11545

Co-authored-by: Joshua Sorah <jsorah@gmail.com>

Co-authored-by: Joshua Sorah <jsorah@gmail.com>
 2022-04-22 14:57:39 +02:00
Stian Thorgersen
75cb29017c
Add option to skip new admin console while doing a build (#11591) 2022-04-22 14:25:29 +02:00
Stian Thorgersen
435a78364f
Add BOM wrapper for new admin console to limit Sonatype snapshot to only admin-ui (#11574) 2022-04-21 16:33:55 +02:00
Jon Koops
8ea8aaebcf
Include Admin UI as a regular dependency (#11281) 2022-04-21 11:39:00 +02:00
Pedro Igor
15b2f8e26d
Obtaining the resource version using native SQL during startup (#11264) 
Closes #11263
 2022-04-20 14:25:48 +02:00
Pedro Igor
23dd58bdbc
Properly handle space in the directory name (#11357) 
Closes #11343
 2022-04-20 09:21:57 +02:00
Yoshikazu Nojima
e495a3d403
Add Apache Kerby to Quarkus runtime dependencies (#10994) 
Apache Kerby is used by WebAuthn attestation verification
Without this library the assertion verification fails in Quarkus
distribution

Closes #10779
 2022-04-19 14:04:22 +02:00
Dominik Guhr
6ef80239cf change approvals to reflect typofix 
Closes #11344
 2022-04-19 07:34:15 -03:00
Pedro Igor
9eca6b4e75
Add environment variable expansion to keycloak.conf (#11285) 
Closes #11283

Co-authored-by: Dominik Guhr <dguhr@redhat.com>

Co-authored-by: Dominik Guhr <dguhr@redhat.com>
 2022-04-19 09:11:29 +02:00
Pedro Igor
52d205ca91
Allow exposing some initial provider config options via web site (#10572) 
* Allow exposing some initial provider config options via web site

Co-authored-by: Stian Thorgersen <stian@redhat.com>

Closes #10571

* Include type to provider options, and hide build-icon column as it's not relevant

Co-authored-by: stianst <stianst@gmail.com>
 2022-04-19 08:01:42 +02:00
McLaynV
91c191024e
Fix a typo in a description String (#11260) 
Resolves #11344
 2022-04-18 07:09:24 -03:00
Pedro Igor
6bf9080d8d Remove deployment module dependency from server module 
Closes #11257
 2022-04-14 07:25:00 -03:00
Stan Silvert
ed79c2a861
Revert "Include Admin UI as a regular dependency (#11156)" (#11280) 
This reverts commit 31c272d73f.
 2022-04-13 09:19:49 -04:00
Jon Koops
31c272d73f
Include Admin UI as a regular dependency (#11156) 2022-04-13 09:18:56 -04:00
Dominik Guhr
7811f3721a Add db-url-port option 
to set the port when not using a full db-url

closes #11251
 2022-04-13 08:31:25 -03:00
Bruno Oliveira da Silva
bb025f1378 Update wildfly-elytron dependency in the main Quarkus distribution (CVE-2021-3642) 
Resolves #11196
 2022-04-11 09:47:39 -03:00
Stian Thorgersen
7c64f28934
Change admin console to load keycloak.js using a relative URL (#11109) 
* Change admin console to load keycloak.js using a relative URL

Closes #11108

* fix tests

Co-authored-by: Dominik Guhr <dguhr@redhat.com>
 2022-04-06 09:35:26 +02:00
Dominik Guhr
f247b07022 fixes admin console access using default https port without proxy 
Closes #11083
 2022-04-05 23:13:37 -03:00
Bruno Oliveira da Silva
36c58962d1 Update jackson-databind dependency to fix CVE-2020-36518 
Resolves #11071
 2022-04-05 09:31:28 -03:00
Pedro Igor
23c5199c0c
Allow overriding the host header using X-Forwarded-Host (#11021) 
Closes #10997
 2022-04-05 09:17:08 +02:00
Pedro Igor
2b5d68d645
Allow resoving theme resources from flat classpath (#10989) 
Closes #10951
 2022-04-05 09:16:20 +02:00
Bruno Oliveira da Silva
cc947df828 Update Infinispan to 13.0.8 to fix vulnerabilities reported on XStream 
Resolves #11063
 2022-04-01 13:09:08 -03:00
Dominik Guhr
9e57f836f2 Make quarkus runtime properties also available as runtime properties in keycloak 
Changes behaviour to:
- all raw quarkus config properties are handled as runtime config in keycloak, with the exception of raw properties we need for additional datasources, there we check for build- vs runtime
- unknown quarkus buildtime properties require a build first or the usual quarkus warning is shown
- wrapped quarkus properties still get ignored / overwritten by our configuration layer (no change in behaviour here)

Closes #10968
 2022-03-30 18:13:09 -03:00
Dominik Guhr
a5c3d035b9 Fixes showing sensitive values like passwords and irritating error msg when key used is unknown 
Only first unknown option is shown for now. May be iterated in the future.

Closes #10050

Closes #10051
 2022-03-29 10:37:07 -03:00
Dominik Guhr
0941a4709e Fixes windows configuration test 
also fixes using ~ as database default for e.g. IDELauncher (does not work on all windows versions)

also fixes the HelpCommandTest, as approvalTests are now generated based on the OS the tests run

Closes #10246

Co-authored-by: Victor-Philipp Negoescu <victor-philipp.negoescu@iteratec.com>
 2022-03-29 10:34:34 -03:00
Pedro Igor
e177f90299
Allow importing realms during startup (#10754) 
Closes #9261
 2022-03-24 14:35:09 +01:00
keycloak-bot
c71aa8b711
Set version to 999-SNAPSHOT (#10784) 2022-03-22 09:22:48 +01:00
Pedro Igor
ffa6df5547
Fixes to hostname (#10820) 
Closes #10627
Closes #10331
 2022-03-22 08:11:50 +01:00
Pedro Igor
183ad30755 Capacity to change hibernate dialect 
Closes #10749
 2022-03-21 07:18:01 -03:00
JPA2015
a5a384b4d5 #10443 start-dev: parsing command lines parameters 
kc.bat called "shift" twice after parsing "start-dev". But "start-dev" is only one parameter so that "shift" should be called only once or else further command line parameters won't be parsed correctly.

Closes #10443
 2022-03-18 16:19:10 -03:00
Andrea Peruffo
b66115c1df
Create missing data folder in docker image (#10783) 
Resolves #10806
 2022-03-17 14:50:38 -03:00
Bruno Oliveira da Silva
8aa394ca6b Update to Liquibase 4.8.0 
Closes #10678

Co-authored-by: Stefan Guilhen <sguilhen@redhat.com>
Co-authored-by: Martin Kanis <mkanis@redhat.com>
 2022-03-16 13:46:31 -03:00
Dominik Guhr
b82b0000bc fixes port not recognized when setting hostname and port without proxy 
Closes #10627

Closes #10331
 2022-03-16 12:03:19 -03:00
Pedro Igor
ad865e75c1 Change the flush mode to auto and fixing how entities are checked if they are loaded in the EM 
Closes #10411
 2022-03-11 12:21:52 -03:00
Dominik Guhr
fb41c52675
Update to Quarkus 2.7.4 (#10687) 
includes ispn 13.0.6

Closes #10685
 2022-03-11 09:25:34 +01:00
Dominik Guhr
5233f2a729 Remove wrong message from build command help 
Closes #10664
 2022-03-10 13:36:48 -03:00
Dominik Guhr
1710b38cf8 Update to quarkus 2.7.3 
Full changelog on quarkus side: https://github.com/quarkusio/quarkus/releases/tag/2.7.3.Final | startup performance: no degradation | manual smoke tests: passed

Closes #10641
 2022-03-08 13:45:25 -03:00
Pedro Igor
c11a6e3ef0 Allow using an additional persistence unit and datasource 
Closes #10579
 2022-03-08 12:09:49 -03:00
rmartinc
48565832d4 [#10608] Password blacklists folder 2022-03-08 08:22:34 -03:00
Dominik Guhr
8454dc5a5d Support for console-JSON and FILE logging 
See logging.adoc for details on the usage

Closes #10523, #10607 and #10415
 2022-03-08 08:19:03 -03:00
Dominik Guhr
c49c4f80a2 update to quarkus 2.7.2 
postgres update to 42.3.3. Did a hands-on startup performance test between 2.7.1 and 2.7.2, no change (between 3.2xx and 3.4xx seconds for start-dev with initialized db, mostly in the 3.3xx or lower 3.4xx timeframe). Also did a few smoketests

Closes #10437

Closes #10282
 2022-02-24 17:19:05 -03:00
andreaTP
59d9e3e3ee Enable the heatlh endpoints under a flag 2022-02-24 14:35:42 -03:00
Pedro Igor
e3d294e988 Wrong description for import/export options 
Fixes #10355
 2022-02-24 13:28:24 +01:00
Dominik Guhr
c9764e114e Update quarkus/pom.xml 
Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>
 2022-02-23 11:26:55 -03:00
Dominik Guhr
86dcec8e3a Update to Quarkus 2.7.1 
Postgresql driver patch to 42.3.2

Closes #10111
 2022-02-23 11:26:55 -03:00
Pedro Igor
209df44641
Fixing responses when unexpected errors occurs (#10383) 
Closes #10338
 2022-02-23 07:44:25 +01:00
Dominik Guhr
19a17e79ba Change tx driver handling. 
Introduce a non-tx driver for the vendors and map based on new build option transaction-tx-enabled

Closes #10191 and others.

Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>
 2022-02-22 18:00:31 -03:00
Dominik Guhr
9358535161
Fix admin user creation message when calling quarkus welcomepage from remote (#10362) 
For wildfly, everything is as before. For Quarkus, we check if http is enabled and provide the right port and scheme if so, and also we are relative-path aware.

Closes #10335
 2022-02-22 08:19:45 +01:00
Pedro Igor
a9668d14ce Proper error response when handing unexpected errors 
Closes #10176
 2022-02-16 15:35:38 -03:00
Yoshiyuki Tabata
089c2df391
Closes #10243 (#10244) 2022-02-16 12:22:11 +01:00
Stian Thorgersen
fa87d46210
Remove additional repositories where they are not needed. Set updatePolicy for GA. (#10047) 
Closes: #10133
 2022-02-16 08:59:05 +01:00
Pedro Igor
f3c3bb5001
Removing unnecessary code paths during startup (#10131) 
Closes #10130
 2022-02-15 12:09:14 +01:00
Stian Thorgersen
5d3fbbb158
Update README.md 2022-02-15 08:11:44 +01:00
Dominik Guhr
5d781304e7 Fix idelauncher resourceloading 
caused by doubled slashes when getting the path for resources while running IDELauncher. So now we sanitize them. Tests by building and running  wf and quarkus distribution, running from idelauncher and running using quarkus:dev, assets got always loaded.

closes #9942
 2022-02-14 15:51:58 -03:00
Dominik Guhr
e1967250af
provide readme for containers module (#10093) 
seems to accidentally gone missing when moving from containers repo

Closes #10092
 2022-02-14 16:03:03 +01:00
Thomas Darimont
61ea2dd1bb Add ability to control debug suspend mode to kc scripts 
We now consider the new env variable DEBUG_SUSPEND to control the
suspend mode of the remote debug configuration. DEBUG_SUSPEND defaults to 'n' which was the hard-coded default setting before.

Fixes #10178

Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>
 2022-02-13 13:39:10 -03:00
keycloak-bot
d9f1a9b207
Set version to 18.0.0-SNAPSHOT (#10165) 2022-02-11 21:28:06 +01:00
Sebastian Schuster
011d108fff
10073 reduced quarkus image size (#10074) 2022-02-10 08:01:51 +01:00
Dominik Guhr
23e5bc7aa3
Readme review v1 (#10082) 2022-02-10 06:51:53 +01:00
Stefan Guilhen
7c1d6eae43
Upgrade to Liquibase 4.6.2 
* Upgrade to Liquibase 4.6.2
* Add valid checksums to changesets to allow migration to newest liquibase
* Update liquibase licenses

Co-authored-by: Martin Kanis <mkanis@redhat.com>
 2022-02-09 12:56:46 +01:00
Pedro Igor
82300ba731 Failing to use cache remote-stores due to missing dependencies 
Closes #10046
 2022-02-09 06:34:41 -03:00
Pedro Igor
0908325e6d Can not set a jgroups stack other than the defaults from Infinispan 
Closes #10052
 2022-02-09 06:34:25 -03:00
Dominik Guhr
c22299045c remove profile references 
Closes #9683
 2022-02-09 06:24:37 -03:00
Dominik Guhr
1b77358160 Logging guide v1 
Closes #10001
 2022-02-08 18:13:05 -03:00
Pedro Igor
f107f0596e Rename h2-file and h2-mem and removing defaults from production databases 
Closes #9973
 2022-02-04 15:43:51 -03:00
andreaTP
3244cd7f84 Remove Quarkus tests workaround for log capturing 2022-02-04 11:20:18 -03:00
Pedro Igor
eaa8ea6334 Revert changes to stick session defaults 
Repoen #9393
 2022-02-04 15:12:56 +01:00
Dominik Guhr
a592fae626 Fix success on invalid build 
Closes #9790
 2022-02-04 15:11:53 +01:00
Dominik Guhr
0f3293cf00 Do not show full help when providing an invalid option 
Closes #9956
 2022-02-04 13:53:02 +01:00
Pedro Igor
ec49695a98 Initial logging support 
Closes #9901
 2022-02-03 13:44:24 +01:00
Pedro Igor
0de72105d7 Default to not attach route to cookies 
Closes #9393
 2022-02-02 13:35:18 -03:00
Pedro Igor
3967c81453
Review Configuring a Database guide (#9559) 
Closes #9457

Co-authored-by: Stian Thorgersen <stian@redhat.com>

Co-authored-by: Stian Thorgersen <stian@redhat.com>
 2022-02-02 13:30:53 +01:00
Pedro Igor
fe0cb36284 Do not run re-augmentation if config is the same in dev mode 
Closes #9906
 2022-02-01 13:32:16 -03:00
Stian Thorgersen
cc88fb2daa
Update default distribution to Quarkus (#9839) 
Closes #9837
 2022-02-01 09:42:09 +01:00
Dominik Guhr
5a1f4b8889 Quarkus update to 2.7.0.Final 
Minor and micro dependency updates, some relocations (e.g. vault, ZipUtils), so some changes were needed to make this work.

Closes #9872
 2022-01-31 09:55:02 -03:00
Pedro Igor
d140abb8fa
Mapped Quarkus properties should not be persisted (#9808) 
Closes #9807
 2022-01-27 11:12:31 +01:00
Pedro Igor
7c162b42a6
Improve enabling/disabling features in Quarkus distribution (#9801) 
Closes #9706
 2022-01-27 11:11:46 +01:00
Pedro Igor
781ceb24fd Add a quarkus.properties for unsupported configuration options 
Closes #9682
 2022-01-26 11:26:50 -03:00
Pedro Igor
d28b54e5d5
Hide Hasicorp Vault from CLI (#9700) 
Closes #9688
 2022-01-25 14:24:35 +01:00
Pedro Igor
b53c5d5eee Build command should not allow runtime options 
Closes #9618
 2022-01-23 16:30:48 -03:00
Thomas Darimont
438fc2865f Fix embedded theme-resources lookup in Keycloak.X 
Previously lookups for embedded theme-resources did not work for Keycloak.X because of a missing
`ClasspathThemeResourceProvider` registration.

This PR ensures that a `ClasspathThemeResourceProvider` is registered in Keycloak.X based deployments.

Added empty constructors to ClasspathThemeResourceProvider to enable dynamic instantiation by Quarkus.

Fixes #9653
 2022-01-21 09:52:26 -03:00
Pedro Igor
1b1e220236
Remove system property from help message (#9694) 
Closes #9687
 2022-01-21 13:22:21 +01:00
Stian Thorgersen
b8d3c12a08
Update layout for options in guides (#9658) 2022-01-20 14:21:23 +01:00
Pedro Igor
0a9387ff4f Unified configuration option format and renaming keycloak.properties to keycloak.conf 
Closes #9606
 2022-01-19 08:47:15 -03:00
Pedro Igor
8ed7c0544f Defaults to TLSv1.3 
Closes #9530
 2022-01-18 07:42:24 -03:00
Daniel Gozalo
8ea09d3816
[fixes #9222] - Let users configure Dynamic Client Scopes (#9327) 2022-01-12 14:27:24 +01:00
Dominik Guhr
fe506bceaa
Change config ordinals and simpler keycloak.properties file 
Closes #9473
 2022-01-11 15:11:59 -03:00
Pedro Igor
b2e55762f1
Properly setting the database schema (#9400) 
Closes #9398
 2022-01-11 09:22:11 +01:00
Pedro Igor
cbfd989ca9
Allow equal sign within option values (#9402) 
Closes #9397
 2022-01-11 09:21:38 +01:00
Pedro Igor
981cda5bfd Database configuration tests 
Closes #9293
 2022-01-05 09:26:46 -08:00
CorneliaLahnsteiner
dff79cee3c
KEYCLOAK-847 Add support for step up authentication (#7897) 
KEYCLOAK-847 Fix behavior of unknown not essential acr claim

Co-authored-by: Georg Romstorfer <georg.romstorfer@gmail.com>
Co-authored-by: Marek Posolda <mposolda@gmail.com>
 2021-12-22 12:43:12 +01:00
andreaTP
dfcf46ca60 Bump Quarkus to 2.5.4.Final 2021-12-22 02:29:28 -08:00
Pedro Igor
ca58aa7b3d
[fixes #9250] - Wrong query when fetching last model version (#9251) 2021-12-22 08:25:06 +01:00
Pedro Igor
4f568dff63 [fixes #9133] - Allow setting JDBC driver and transaction type 2021-12-21 09:57:21 -08:00
Dominik Guhr
93aeb572bb [closes #9284] - remove xmlsec version from quarkus pom 2021-12-21 09:12:08 -08:00
andreaTP
6c12c18854 review 2021-12-20 07:47:42 -08:00
andreaTP
79463ffa58 Stabilize docker distribution tests 2021-12-20 07:47:42 -08:00
keycloak-bot
9f3d4a7d42 Set version to 17.0.0-SNAPSHOT 2021-12-20 10:50:39 +01:00
Dominik Guhr
68271ba486 Solves Issue [#9186] Update to 2.5.3 and small typo fix 2021-12-16 07:43:45 -08:00
Dominik Guhr
c70dc0e72d Add IsIntegrationTest BuildStep Annotation 2021-12-14 04:07:48 -08:00
Dominik Guhr
dad5639b4e WIP: use extra buildstep and configprovider for tests 2021-12-14 04:07:48 -08:00
Pedro Igor
6cc674a875 [fixes #9108] - Unable to recognized SPI persisted properties 2021-12-14 03:32:59 -08:00
Pedro Igor
07196cdcf9 [fixes #9116] - Fixing cluster config tests 2021-12-14 03:32:43 -08:00
Pedro Igor
9b243cebeb [fixes #9089] - Fixing export and import commands 2021-12-14 03:32:10 -08:00
Dominik Guhr
f2abfecca1 KEYCLOAK-19858 Add Tests to check that no credentials are leaking when using CLI commands. Also: Tests for Help Command output using Golden master technique 2021-12-14 02:13:59 -08:00