No description
Find a file
Thomas Darimont d28adcb81b
Avoid NPE if realm configuration contains invalid required action configuration (#32649)
* Avoid NPE if realm configuration contains invalid required action configuration

If users removed implementations or renamed the provider id of a required action, then the realm configuration might contain dangling references to required actions.
If we then try to find the RequiredActionFactory to determine the if the required action is configurable then NPE is thrown. This PR prevents the NPE with a guard clause.

Fixes #32624

Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>

* Log a warning if required action with missing provider is detected.

Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>

---------

Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>
2024-09-04 15:04:58 -04:00
.github test login v2 2024-08-29 07:18:24 -04:00
.idea Add Intellij project icon 2023-09-18 12:39:16 +02:00
.mvn Upgrade Maven and wrapper to latest version 2024-06-19 10:42:33 +02:00
adapters Remove keycloak-core and keycloak-crypto-default from SAML galleon feature pack and upgrade them to Java 17 2024-09-03 15:58:57 +02:00
authz Removing policy-enforcer from Keycloak repository 2024-08-28 07:40:20 -03:00
boms Remove adapter and misc boms 2024-09-04 17:03:53 +02:00
common Deprecate old remote store 2024-09-04 10:25:51 +00:00
core Filter out org brokers from the account console 2024-09-04 09:00:52 -03:00
crypto Remove keycloak-core and keycloak-crypto-default from SAML galleon feature pack and upgrade them to Java 17 2024-09-03 15:58:57 +02:00
dependencies Map Store Removal: Rename legacy modules 2024-01-25 16:29:16 +01:00
distribution Remove keycloak-core and keycloak-crypto-default from SAML galleon feature pack and upgrade them to Java 17 2024-09-03 15:58:57 +02:00
docs Lightweight access tokens for Admin REST API (#32347) 2024-09-04 18:04:23 +02:00
federation Allow removing users federated from a kerberos provider 2024-08-13 18:47:55 +02:00
integration Ensure identity providers returned to the org IDP selection are IDPs not associated with any orgs. 2024-08-21 07:49:01 -03:00
js Show details for error messages where they were missing (#32534) 2024-09-04 07:23:54 -04:00
misc Testsuite PoC - Implement a ChromeWebDriverSupplier (#30377) (#31026) 2024-07-08 14:01:34 +02:00
model Lightweight access tokens for Admin REST API (#32347) 2024-09-04 18:04:23 +02:00
operator OTEL: Profile Feature 2024-08-30 13:19:09 +02:00
quarkus Deprecate old remote store 2024-09-04 10:25:51 +00:00
rest Avoid NPE if realm configuration contains invalid required action configuration (#32649) 2024-09-04 15:04:58 -04:00
saml-core Removing BOM character from SAML entity descriptor 2024-08-26 10:59:05 +02:00
saml-core-api Use a default Java version from root POM (#29927) 2024-06-21 14:19:31 +02:00
server-spi Filter out org brokers from the account console 2024-09-04 09:00:52 -03:00
server-spi-private Add information about token expiry to events 2024-09-04 14:44:51 +02:00
services Lightweight access tokens for Admin REST API (#32347) 2024-09-04 18:04:23 +02:00
test-framework Move Test Framework (#32407) 2024-08-28 14:14:08 +02:00
test-poc Move Test Framework (#32407) 2024-08-28 14:14:08 +02:00
testsuite Lightweight access tokens for Admin REST API (#32347) 2024-09-04 18:04:23 +02:00
themes some more ui fixes (#32661) 2024-09-04 12:30:34 -04:00
util Artifact SLF4J LOG4J-12 has been relocated (#20113) 2023-05-05 13:57:45 +02:00
.editorconfig Don't apply editorconfig auto-formatting to properties file for now 2024-05-29 19:00:06 +02:00
.gitattributes Use lf as line-ending for sh files 2022-07-19 08:57:57 +02:00
.gitignore Remove keycloak-admin-client-jee 2024-08-20 10:53:09 +02:00
.gitleaks.toml Ignore a false positive in internal code scan (#27811) 2024-03-12 15:49:46 +01:00
ADOPTERS.md add Bundesagentur für Arbeit to ADOPTERS.md (#26784) 2024-02-05 14:32:49 +01:00
CONTRIBUTING.md link translation docs to contribution document (#30477) 2024-06-17 10:30:34 +02:00
eslint.config.js Update ESLint dependencies to latest version (#31831) 2024-08-06 08:02:18 -04:00
get-version.sh Use Maven wrapper instead of platform dependent Maven version (#29988) 2024-06-03 15:45:39 +02:00
GOVERNANCE.md Update governance model around changes in maintainership (#29292) 2024-05-22 08:24:10 +02:00
LICENSE.txt Added text version of ASL2 license 2019-11-08 12:43:10 +01:00
MAINTAINERS.md Update maintainers (#31798) 2024-08-12 11:54:53 +02:00
maven-settings.xml [KEYCLOAK-11764] Upgrade to Wildfly 19 2020-04-24 08:19:43 -03:00
mvnw Upgrade Maven and wrapper to latest version 2024-06-19 10:42:33 +02:00
mvnw.cmd Upgrade Maven and wrapper to latest version 2024-06-19 10:42:33 +02:00
package.json Bump eslint-plugin-react from 7.35.0 to 7.35.1 (#32604) 2024-09-03 09:42:13 +02:00
pnpm-lock.yaml Bump vite from 5.4.2 to 5.4.3 (#32629) 2024-09-04 11:06:09 +02:00
pnpm-workspace.yaml Move unrelated files out of common resources (#32285) 2024-08-22 09:57:15 +02:00
pom.xml Some regular maintenance to JavaScript tooling (#32423) 2024-08-29 07:07:22 -03:00
PR-CHECKLIST.md Introduce CODEOWNERS (#16637) 2023-01-30 13:05:45 +01:00
README.md Add some badges to README.md (#27921) 2024-03-15 11:25:21 +01:00
SECURITY-INSIGHTS.yml Provide an OpenSSF security insights manifest file 2024-02-15 11:02:33 -03:00
set-version.sh Update set-version to update version in package.json for admin-ui (#32068) 2024-08-12 15:31:25 +02:00
tsconfig.eslint.json changed name and added version number (#28157) 2024-04-19 14:10:34 -04:00
tsconfig.json Move ESLint configuration to project root (#28639) 2024-04-12 08:34:18 +00:00

Keycloak

GitHub Release OpenSSF Best Practices GitHub Repo stars GitHub commit activity

Open Source Identity and Access Management

Add authentication to applications and secure services with minimum effort. No need to deal with storing users or authenticating users.

Keycloak provides user federation, strong authentication, user management, fine-grained authorization, and more.

Help and Documentation

Reporting Security Vulnerabilities

If you have found a security vulnerability, please look at the instructions on how to properly report it.

Reporting an issue

If you believe you have discovered a defect in Keycloak, please open an issue. Please remember to provide a good summary, description as well as steps to reproduce the issue.

Getting started

To run Keycloak, download the distribution from our website. Unzip and run:

bin/kc.[sh|bat] start-dev

Alternatively, you can use the Docker image by running:

docker run quay.io/keycloak/keycloak start-dev

For more details refer to the Keycloak Documentation.

Building from Source

To build from source, refer to the building and working with the code base guide.

Testing

To run tests, refer to the running tests guide.

Writing Tests

To write tests, refer to the writing tests guide.

Contributing

Before contributing to Keycloak, please read our contributing guidelines. Participation in the Keycloak project is governed by the CNCF Code of Conduct.

Other Keycloak Projects

License