Martin Bartoš
e41a961628
Manual execution of Jakarta validation ( #42388 )
...
Signed-off-by: Martin Bartoš <mabartos@redhat.com >
2025-09-15 10:20:50 +02:00
Martin Bartoš
17e8407230
[admin-api-v2] SPIs for Admin APIs v2 ( #41943 )
...
Signed-off-by: Martin Bartoš <mabartos@redhat.com >
2025-09-05 11:07:58 +02:00
Robin Meese
4f4ed315d3
Add OpenAPI and OpenAPI-UI to management interface ( #41853 )
...
Signed-off-by: Robin Meese <39960884+robson90@users.noreply.github.com >
2025-09-05 11:07:56 +02:00
Martin Bartoš
eca1333027
[admin-api-v2] Provide simple validation with Jakarta/Hibernate Validation ( #41110 )
...
Signed-off-by: Martin Bartoš <mabartos@redhat.com >
2025-09-05 10:51:30 +02:00
Steven Hawkins
9e1e0dbad3
implementing json patch ( #40904 )
...
* implementing json patch
Signed-off-by: Steve Hawkins <shawkins@redhat.com >
* adding zjsonpatch to the dist and adding basic tests
Signed-off-by: Steve Hawkins <shawkins@redhat.com >
---------
Signed-off-by: Steve Hawkins <shawkins@redhat.com >
2025-09-05 10:49:43 +02:00
Steven Hawkins
1118c5bf1b
shows what patching logic should look like ( #40450 )
...
* shows what patching logic should look like
also shows basic field validation
Signed-off-by: Steve Hawkins <shawkins@redhat.com >
* updates based upon review comments
Signed-off-by: Steve Hawkins <shawkins@redhat.com >
---------
Signed-off-by: Steve Hawkins <shawkins@redhat.com >
2025-09-05 10:49:43 +02:00
Steven Hawkins
210d3fa352
refinements related to service methods, serdes ( #40110 )
...
and adding a default to representation
Signed-off-by: Steve Hawkins <shawkins@redhat.com >
2025-09-05 10:49:43 +02:00
Martin Bartoš
fff34d3bd5
[Admin API v2] Skeleton prototype ( #39322 )
...
* Add new ClientRepresentation
Co-authored-by: Peter Zaoral <pzaoral@redhat.com >
Co-authored-by: Václav Muzikář <vmuzikar@redhat.com >
Signed-off-by: Martin Bartoš <mabartos@redhat.com >
* Add APIs
Signed-off-by: Martin Bartoš <mabartos@redhat.com >
* Add ApiModelMapper SPI
Signed-off-by: Martin Bartoš <mabartos@redhat.com >
* Add MapStruct as default ApiModelMapper
Signed-off-by: Martin Bartoš <mabartos@redhat.com >
* Add default APIs implementations
Signed-off-by: Martin Bartoš <mabartos@redhat.com >
* Provide Service SPI and ClientService
Signed-off-by: Martin Bartoš <mabartos@redhat.com >
* Add default Keycloak services and Client service
Signed-off-by: Martin Bartoš <mabartos@redhat.com >
* Add ModelMapper to shared modules
Signed-off-by: Martin Bartoš <mabartos@redhat.com >
* Implement Client service, add ServiceException class
Signed-off-by: Martin Bartoš <mabartos@redhat.com >
* Use ClientService in Client REST API
Signed-off-by: Martin Bartoš <mabartos@redhat.com >
* Update rest/admin-api/src/main/java/org/keycloak/admin/api/client/ClientsApi.java
Co-authored-by: Václav Muzikář <vaclav@muzikari.cz >
Signed-off-by: Martin Bartoš <mabartos@redhat.com >
* Fix ModelMapperSpi
Signed-off-by: Martin Bartoš <mabartos@redhat.com >
* Use /admin/api/v2 as a root path
Signed-off-by: Martin Bartoš <mabartos@redhat.com >
* Support latest API version by default
Signed-off-by: Martin Bartoš <mabartos@redhat.com >
* Rename path param to comply with API spec
Signed-off-by: Martin Bartoš <mabartos@redhat.com >
---------
Signed-off-by: Martin Bartoš <mabartos@redhat.com >
Co-authored-by: Peter Zaoral <pzaoral@redhat.com >
Co-authored-by: Václav Muzikář <vmuzikar@redhat.com >
Co-authored-by: Václav Muzikář <vaclav@muzikari.cz >
2025-09-05 10:49:41 +02:00
Stian Thorgersen
cbf915c570
Update timeout for Base IT (new) ( #42367 )
...
Signed-off-by: stianst <stianst@gmail.com >
2025-09-05 10:31:09 +02:00
Steve Hawkins
2a16655d84
fix: setting the built flag for embedded usage
...
closes : #23972
Signed-off-by: Steve Hawkins <shawkins@redhat.com >
2025-09-05 01:56:41 -03:00
Martin Bartoš
3f5812466f
Upgrade to Quarkus 3.26.2 ( #42343 )
...
Closes #42342
Signed-off-by: Martin Bartoš <mabartos@redhat.com >
2025-09-04 17:20:40 +02:00
Pedro Igor
4abe5b5f4a
Initial implementation for the RLM scheduled task
...
Closes #42105
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com >
2025-09-04 17:19:53 +02:00
Johannes Knutsen
973e9ad176
Add a global filter which throws bad request if a query parameter value has a control character
...
Closes #41117
Signed-off-by: Johannes Knutsen <johannes@kodet.no >
2025-09-04 10:19:51 -03:00
Awambeng
f9cb8dfe3d
[OID4VCI]: Add DPoP nonce header support to OID4VCI nonce endpoint ( #41999 )
...
Closes #41580
Signed-off-by: Awambeng Rodrick <awambengrodrick@gmail.com >
2025-09-04 14:52:10 +02:00
forkimenjeckayang
d5feb76f1f
Restructure credential_configurations_supported parsing to handle credential_metadata with display and claims && Update Credential Issuer Metadata structure ( #42001 )
...
Closes #41587
Closes #41597
Signed-off-by: forkimenjeckayang <forkimenjeckayang@gmail.com >
2025-09-04 14:48:56 +02:00
Stian Thorgersen
320ea5a9a7
Experimental SPIFFE identity provider ( #42314 )
...
Closes #42313
Signed-off-by: stianst <stianst@gmail.com >
2025-09-04 14:48:18 +02:00
Steven Hawkins
fc467f48c8
fix: removing script logic for determining if a build is necessary ( #41771 )
...
closes : #23972
Signed-off-by: Steve Hawkins <shawkins@redhat.com >
2025-09-04 08:23:04 -04:00
dependabot[bot]
6c711bbf09
Bump lint-staged from 16.1.5 to 16.1.6 in /js ( #42333 )
...
Bumps [lint-staged](https://github.com/lint-staged/lint-staged ) from 16.1.5 to 16.1.6.
- [Release notes](https://github.com/lint-staged/lint-staged/releases )
- [Changelog](https://github.com/lint-staged/lint-staged/blob/main/CHANGELOG.md )
- [Commits](https://github.com/lint-staged/lint-staged/compare/v16.1.5...v16.1.6 )
---
updated-dependencies:
- dependency-name: lint-staged
dependency-version: 16.1.6
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-09-04 08:09:52 -04:00
dependabot[bot]
29e5f49078
Bump mocha from 11.7.1 to 11.7.2 in /js ( #42331 )
...
Bumps [mocha](https://github.com/mochajs/mocha ) from 11.7.1 to 11.7.2.
- [Release notes](https://github.com/mochajs/mocha/releases )
- [Changelog](https://github.com/mochajs/mocha/blob/main/CHANGELOG.md )
- [Commits](https://github.com/mochajs/mocha/compare/v11.7.1...v11.7.2 )
---
updated-dependencies:
- dependency-name: mocha
dependency-version: 11.7.2
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-09-04 07:38:41 -04:00
dependabot[bot]
b9c1f5f02d
Bump typescript-eslint from 8.41.0 to 8.42.0 in /js ( #42330 )
...
Bumps [typescript-eslint](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/typescript-eslint ) from 8.41.0 to 8.42.0.
- [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases )
- [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/typescript-eslint/CHANGELOG.md )
- [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.42.0/packages/typescript-eslint )
---
updated-dependencies:
- dependency-name: typescript-eslint
dependency-version: 8.42.0
dependency-type: direct:development
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-09-04 07:38:10 -04:00
Awambeng
3cd2141698
Add invalid_nonce error support for OID4VCI ( #41977 )
...
Closes #39292
Signed-off-by: Awambeng Rodrick <awambengrodrick@gmail.com >
2025-09-04 13:15:29 +02:00
forkimenjeckayang
6e767a30b8
Centralize OID4VCI Protocol Constants in Oid4VciConstants and Refactor Usages ( #41481 )
...
Closes #40083
Signed-off-by: forkimenjeckayang <forkimenjeckayang@gmail.com >
2025-09-04 13:12:10 +02:00
dependabot[bot]
691736f3dd
Bump vite from 7.1.3 to 7.1.4 in /js
...
Bumps [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite ) from 7.1.3 to 7.1.4.
- [Release notes](https://github.com/vitejs/vite/releases )
- [Changelog](https://github.com/vitejs/vite/blob/main/packages/vite/CHANGELOG.md )
- [Commits](https://github.com/vitejs/vite/commits/v7.1.4/packages/vite )
---
updated-dependencies:
- dependency-name: vite
dependency-version: 7.1.4
dependency-type: direct:development
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2025-09-04 07:59:09 -03:00
Martin Kanis
fc3914c439
[RLM] Provide a action to notify users by email based on a configurable time
...
Closes #41788
Signed-off-by: Martin Kanis <mkanis@redhat.com >
2025-09-03 16:38:41 -03:00
dependabot[bot]
35e6d7512c
Bump actions/cache from 4.2.3 to 4.2.4
...
Bumps [actions/cache](https://github.com/actions/cache ) from 4.2.3 to 4.2.4.
- [Release notes](https://github.com/actions/cache/releases )
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md )
- [Commits](5a3ec84eff...0400d5f644support@github.com >
2025-09-03 16:22:35 -03:00
Alexander Schwartz
4d3589c776
Lock the database before doing migrations
...
Closes #41801
Signed-off-by: Alexander Schwartz <aschwart@redhat.com >
2025-09-03 15:22:04 -03:00
Bagautdino
d225bce21f
feat(FGAPv2): introduce RESET_PASSWORD scope and evaluation
...
- Add RESET_PASSWORD to AdminPermissionsSchema.USERS
- Require RESET_PASSWORD in UserResource.resetPassword()
- Expose canResetPassword()/requireResetPassword()
- Implement FGAP v2 deny-overrides + secure-by-default + optional fallback
- Include access.resetPassword for Admin Console
Closes #41901
Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com >
Signed-off-by: Bagautdino <336373@edu.itmo.ru >
2025-09-03 15:10:56 -03:00
dependabot[bot]
28d3b2dd29
Bump actions/checkout from 4.2.2 to 5.0.0
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 4.2.2 to 5.0.0.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](11bd71901b...08c6903cd8support@github.com >
2025-09-03 15:06:15 -03:00
dependabot[bot]
9be42e1681
Bump snyk/actions
...
Bumps [snyk/actions](https://github.com/snyk/actions ) from 28606799782bc8e809f4076e9f8293bc4212d05e to e2221410bff24446ba09102212d8bc75a567237d.
- [Release notes](https://github.com/snyk/actions/releases )
- [Commits](2860679978...e2221410bfsupport@github.com >
2025-09-03 15:05:40 -03:00
dependabot[bot]
2237cf3dab
Bump github/codeql-action from 3.29.4 to 3.29.11
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.29.4 to 3.29.11.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](4e828ff8d4...3c3833e0f8support@github.com >
2025-09-03 15:05:11 -03:00
dependabot[bot]
42693395e1
Bump actions/download-artifact from 4.3.0 to 5.0.0
...
Bumps [actions/download-artifact](https://github.com/actions/download-artifact ) from 4.3.0 to 5.0.0.
- [Release notes](https://github.com/actions/download-artifact/releases )
- [Commits](d3f86a106a...634f93cb29support@github.com >
2025-09-03 15:04:02 -03:00
Takashi Norimatsu
ea63cdc97a
Compliant with RFC8414, return server metadata at /.well-known/oauth-authorization-server/realms/{realm}
...
closes #40923
Signed-off-by: Takashi Norimatsu <takashi.norimatsu.ws@hitachi.com >
2025-09-03 19:14:37 +02:00
Ryan Emerson
4fec0a8630
Document that single-cluster deployments expect all Keycloak instances to serve traffic
...
Closes #42305
Signed-off-by: Ryan Emerson <remerson@ibm.com >
Signed-off-by: Alexander Schwartz <alexander.schwartz@gmx.net >
Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net >
2025-09-03 18:30:13 +02:00
Pedro Igor
8f0d528126
Make sure inner transactions are using their own session
...
Closes #41942
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com >
2025-09-03 17:38:19 +02:00
forkimenjeckayang
a74076e8ab
Enforce batch_size ≥ 2 validation for batch_credential_issuance ( #42003 )
...
Closes #41590
Signed-off-by: forkimenjeckayang <forkimenjeckayang@gmail.com >
2025-09-03 17:15:55 +02:00
Awambeng Rodrick
dc6afee14e
Update OID4VCI error handling for draft 16 specification
...
- Replace unsupported_credential_type and unsupported_credential_format with unknown_credential_configuration
- Add new unknown_credential_identifier error type as per OID4VCI draft 16
- Update error handling logic to differentiate between credential configuration and identifier errors
- Add comprehensive test coverage for new error types
Closes #41591
Signed-off-by: Awambeng Rodrick <awambengrodrick@gmail.com >
Refactor error handling in OID4VCIssuerEndpoint
Signed-off-by: Awambeng Rodrick <awambengrodrick@gmail.com >
Resolve comments on PR
Signed-off-by: Awambeng Rodrick <awambengrodrick@gmail.com >
fix failing test
Signed-off-by: Awambeng Rodrick <awambengrodrick@gmail.com >
2025-09-03 16:53:22 +02:00
forkimenjeckayang
fc73537ba7
Rename ldp_vp to di_vp and restructure proofs object for Draft 16 compliance ( #41982 )
...
Closes #41576
Closes #41577
Closes #41581
Signed-off-by: forkimenjeckayang <forkimenjeckayang@gmail.com >
2025-09-03 16:33:43 +02:00
Peter Zaoral
fb35439479
Use an OS-specific key for writing for maven cache ( #41735 ) ( #41810 )
...
Closes : #41664
Signed-off-by: Peter Zaoral <pepo48@gmail.com >
2025-09-03 14:52:30 +02:00
dependabot[bot]
c7b787ef1a
Bump aquasecurity/trivy-action from 0.32.0 to 0.33.0
...
Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action ) from 0.32.0 to 0.33.0.
- [Release notes](https://github.com/aquasecurity/trivy-action/releases )
- [Commits](dc5a429b52...f9424c10c3support@github.com >
2025-09-03 08:54:09 -03:00
Stan Silvert
b460b76ff7
Flaky realm role test
...
* Use test id to click button instead of text locator.
Fixes #42235
Signed-off-by: Stan Silvert <ssilvert@redhat.com >
2025-09-03 08:00:42 +02:00
Alexander Schwartz
665f4140da
Adding missing docs for 26.4 release notes
...
Closes #42252
Signed-off-by: Alexander Schwartz <alexander.schwartz@gmx.net >
Signed-off-by: Alexander Schwartz <aschwart@redhat.com >
Co-authored-by: Vinod Anandan <vinod@owasp.org >
2025-09-02 17:47:12 -03:00
Pedro Igor
028b72876f
Removing fallback when there is no session
...
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com >
2025-09-02 17:45:59 -03:00
Pedro Igor
4d018406e9
Removing unused imports
...
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com >
2025-09-02 17:45:59 -03:00
Pedro Igor
76e02388ff
Moving resetOnevent to base class
...
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com >
2025-09-02 17:45:59 -03:00
Pedro Igor
a4f115b4cc
Moving deactivation events to base class
...
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com >
2025-09-02 17:45:59 -03:00
Pedro Igor
b65356f3c8
Refactoring how policies are activated based on user-defined events and conditions
...
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com >
2025-09-02 17:45:59 -03:00
Pedro Igor
cee9b6803b
Refactoring built-in policies to use conditions
...
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com >
2025-09-02 17:45:59 -03:00
Pedro Igor
03cbc11e7e
Initial refactoring to make federated identities a condition
...
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com >
2025-09-02 17:45:59 -03:00
Pedro Igor
17a053b2af
Add support for generic event-based policies and conditions
...
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com >
2025-09-02 17:45:59 -03:00
Jon Koops
7990fa0300
Disable test retries for admin console ( #42289 )
...
Closes #42288
Signed-off-by: Jon Koops <jonkoops@gmail.com >
2025-09-02 15:49:33 -04:00
