Commit Graph

214 Commits

Author SHA1 Message Date
Martin Bartoš
e41a961628 Manual execution of Jakarta validation (#42388)
Signed-off-by: Martin Bartoš <mabartos@redhat.com>
2025-09-15 10:20:50 +02:00
Martin Bartoš
17e8407230 [admin-api-v2] SPIs for Admin APIs v2 (#41943)
Signed-off-by: Martin Bartoš <mabartos@redhat.com>
2025-09-05 11:07:58 +02:00
Martin Bartoš
eca1333027 [admin-api-v2] Provide simple validation with Jakarta/Hibernate Validation (#41110)
Signed-off-by: Martin Bartoš <mabartos@redhat.com>
2025-09-05 10:51:30 +02:00
Steven Hawkins
9e1e0dbad3 implementing json patch (#40904)
* implementing json patch

Signed-off-by: Steve Hawkins <shawkins@redhat.com>

* adding zjsonpatch to the dist and adding basic tests

Signed-off-by: Steve Hawkins <shawkins@redhat.com>

---------

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
2025-09-05 10:49:43 +02:00
Pedro Igor
4abe5b5f4a Initial implementation for the RLM scheduled task
Closes #42105

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2025-09-04 17:19:53 +02:00
Stian Thorgersen
320ea5a9a7 Experimental SPIFFE identity provider (#42314)
Closes #42313

Signed-off-by: stianst <stianst@gmail.com>
2025-09-04 14:48:18 +02:00
Martin Kanis
fc3914c439 [RLM] Provide an action to notify users by email based on a configurable time
Closes #41788

Signed-off-by: Martin Kanis <mkanis@redhat.com>
2025-09-03 16:38:41 -03:00
Bagautdino
d225bce21f feat(FGAPv2): introduce RESET_PASSWORD scope and evaluation
- Add RESET_PASSWORD to AdminPermissionsSchema.USERS
- Require RESET_PASSWORD in UserResource.resetPassword()
- Expose canResetPassword()/requireResetPassword()
- Implement FGAP v2 deny-overrides + secure-by-default + optional fallback
- Include access.resetPassword for Admin Console

Closes #41901

Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>
Signed-off-by: Bagautdino <336373@edu.itmo.ru>
2025-09-03 15:10:56 -03:00
Pedro Igor
4d018406e9 Removing unused imports
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2025-09-02 17:45:59 -03:00
Pedro Igor
76e02388ff Moving resetOnevent to base class
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2025-09-02 17:45:59 -03:00
Pedro Igor
a4f115b4cc Moving deactivation events to base class
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2025-09-02 17:45:59 -03:00
Pedro Igor
b65356f3c8 Refactoring how policies are activated based on user-defined events and conditions
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2025-09-02 17:45:59 -03:00
Pedro Igor
cee9b6803b Refactoring built-in policies to use conditions
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2025-09-02 17:45:59 -03:00
Pedro Igor
03cbc11e7e Initial refactoring to make federated identities a condition
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2025-09-02 17:45:59 -03:00
Pedro Igor
17a053b2af Add support for generic event-based policies and conditions
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2025-09-02 17:45:59 -03:00
stianst
57242d2497 Experimental federated client authentication
Closes #42228

Signed-off-by: stianst <stianst@gmail.com>
2025-09-02 10:02:51 -03:00
Stefan Guilhen
d855e0f06c Add support for recurring policies
Closes #42120

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
2025-09-01 12:28:46 -03:00
Stefan Guilhen
af96183788 Allow resource policies to be deactivated for a resource based on events
- Listen for federated identity add/remove events to activate and deactivate policies based on IDP association

Closes #42107
Closes #42108

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
2025-09-01 11:02:00 -03:00
Stefan Guilhen
05fa5cb552 Add enabled config option to resource policies
Closes #42104

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
2025-09-01 10:28:01 -03:00
Giuseppe Graziano
4262480bc2 Validation for blank Client ID
Closes #41041

Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>
2025-09-01 11:20:32 +02:00
Pedro Igor
a64c5c0d70 Adding RLM Admin API and basic endpoints
Closes #40346

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2025-08-28 14:49:21 -03:00
Stefan Guilhen
8eb6ee619f Rework getEligibleResourcesForInitialAction so it returns all resources that are eligible to be associated with a policy
Closes #42106

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
2025-08-26 11:52:46 -03:00
Ricardo Martin
46e990b7a7 Check for non-ascii local part on emails depending on SMTP configuration
Closes #41994

Signed-off-by: rmartinc <rmartinc@redhat.com>
2025-08-21 08:16:47 +00:00
Stefan Guilhen
70659ac183 Rework RLM core to schedule action based on events @sguilhen (#42010)
* Rework RLM core to schedule action based on events

Closes #41803

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>
2025-08-20 17:59:52 +00:00
Sebastian Łaskawiec
988bf9cb0b WelcomeResource do not create temporary admins (#41416)
Signed-off-by: Sebastian Łaskawiec <sebastian.laskawiec@defenseunicorns.com>
2025-08-18 17:31:26 +02:00
Stefan Guilhen
4267561441 Disable testDisabledUserAfterInactivityPeriod
- prevents CI failures while the feature is still being developed

#Closes #41913

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
2025-08-18 11:44:14 -03:00
Ricardo Martin
949ef35a3b Allow and control sending UTF-8 emails in the default email sender impl
Closes #41023

Signed-off-by: rmartinc <rmartinc@redhat.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
2025-08-15 10:43:38 +00:00
Šimon Vacek
42520d8409 Refactor test database config in the new framework (#41320)
* Refactor test database config in the new framework

Closes #41319

Signed-off-by: Simon Vacek <simonvacky@email.cz>

# Conflicts:
#	tests/base/src/test/java/org/keycloak/tests/db/CaseSensitiveSchemaTest.java
#	tests/base/src/test/java/org/keycloak/tests/db/PreserveSchemaCaseLiquibaseTest.java

* Moved test method to the abstract class

Signed-off-by: Simon Vacek <simonvacky@email.cz>

* Conform to conventions

Signed-off-by: Simon Vacek <simonvacky@email.cz>

* Add lifecycle class to custom DBs to prevent containers with re-use from running after tests

Signed-off-by: Stian Thorgersen <stian@redhat.com>

---------

Signed-off-by: Simon Vacek <simonvacky@email.cz>
Signed-off-by: Stian Thorgersen <stian@redhat.com>
Co-authored-by: Stian Thorgersen <stian@redhat.com>
2025-08-15 09:29:08 +02:00
Akbar Husain
06f80416fb Replace keySet with entrySet
Closes #40064

Signed-off-by: akbarhusainpatel <apatel@intermiles.com>
Co-authored-by: akbarhusainpatel <apatel@intermiles.com>
2025-08-14 17:31:15 +02:00
Dennis Kniep
d74a10d87a Add TiDB as supported db
Closes #41455

Signed-off-by: Dennis Kniep <kniepdennis@gmail.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
2025-08-14 07:27:21 +00:00
Lukas Hanusovsky
5b3b36e300 Move RealmRolesTest.java to the new testsuite (#41404)
Part of: #34494

Signed-off-by: Lukas Hanusovsky <lhanusov@redhat.com>
2025-08-13 12:56:23 +02:00
Peter Skopek
651d651c30 Add missing artifact descriptions to allow Maven Central Portal Publisher to pass validation process. (#40822)
Signed-off-by: Peter Skopek <pskopek@redhat.com>
2025-08-12 16:50:17 +02:00
vramik
a8225655cf Initial commit for the RLM feature
Closes #40340
Closes #40341

Co-authored-by: Stefan Guilhen <sguilhen@redhat.com>
Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>

Signed-off-by: vramik <vramik@redhat.com>
2025-08-11 17:34:41 -03:00
Šimon Vacek
20cb13e8dc fix UserConfigBuilder usage (#41794)
fixes: #41326

Signed-off-by: Simon Vacek <simonvacky@email.cz>
2025-08-11 14:49:56 -03:00
Lukas Hanusovsky
f12ab6b189 Move RealmTest.java to the new testsuite (#41326)
Part of: #34494

Signed-off-by: Lukas Hanusovsky <lhanusov@redhat.com>
2025-08-11 16:24:27 +02:00
Šimon Vacek
e664e56b62 Test framework config builders name unification (#41727)
* Test framework config builders name unification

Closes #37275

Signed-off-by: Simon Vacek <simonvacky@email.cz>

* Update test-framework/core/src/main/java/org/keycloak/testframework/realm/RealmConfigBuilder.java

Signed-off-by: Stian Thorgersen <stian@redhat.com>

---------

Signed-off-by: Simon Vacek <simonvacky@email.cz>
Signed-off-by: Stian Thorgersen <stian@redhat.com>
Co-authored-by: Stian Thorgersen <stian@redhat.com>
2025-08-11 12:56:33 +00:00
Alexander Schwartz
e1b3afb686 Refresh token for an OAuth2 based IDP when retrieving the IDP token
Closes #14644

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2025-07-31 11:11:34 +02:00
rmartinc
1f608fae6e Create a new condition for credential type and add it to default flows
Closes #41354

Signed-off-by: rmartinc <rmartinc@redhat.com>
2025-07-31 10:14:15 +02:00
Steven Hawkins
10947d002f fix: using localtest.me instead of nip.io
closes: #40645

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
2025-07-26 11:36:01 +02:00
Stian Thorgersen
b71b1f5fea Disable tests for specific databases and servers in test framework (#41358)
Closes #41357

Signed-off-by: stianst <stianst@gmail.com>
2025-07-24 09:34:15 +02:00
Stian Thorgersen
bd676ea845 Test suites config for the new test framework (#41318)
Closes #41316

Signed-off-by: stianst <stianst@gmail.com>
2025-07-23 09:23:16 +02:00
Šimon Vacek
eb000cfbe0 Move ComponentsTest.java to the new testsuite (#41169)
Part of: #34494

Signed-off-by: Simon Vacek <simonvacky@email.cz>
2025-07-22 11:26:06 +00:00
Lukas Hanusovsky
d7273e6b1f Move ConsentsTest.java to the new testsuite (#40323)
* Moving files to the new test suite

Signed-off-by: Lukas Hanusovsky <lhanusov@redhat.com>

* Move ConsentsTest.java, UserRoleTest.java to the new testsuite

Part of: #34494

Signed-off-by: Lukas Hanusovsky <lhanusov@redhat.com>

---------

Signed-off-by: Lukas Hanusovsky <lhanusov@redhat.com>
2025-07-22 12:31:59 +02:00
Ryan Emerson
52a83509dc Default jdbc-ping cluster setup for distributed caches fails in Oracle
* Add DatabaseConfig to TestDatabase so the underlying DB can be
  configured per test
* Allow DB initScripts to be configured by tests

Closes #40784
Closes #41105

Signed-off-by: Ryan Emerson <remerson@redhat.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
2025-07-17 15:57:25 +00:00
Takashi Norimatsu
f00cd980c4 Add FAPI 2.0 + DPoP security profile as default profile of client policies
closes #35441

Signed-off-by: Takashi Norimatsu <takashi.norimatsu.ws@hitachi.com>
2025-07-16 09:30:11 +02:00
Lukas Hanusovsky
788e981917 Move UserTest.java to the new testsuite
Part of: #34494

Signed-off-by: Lukas Hanusovsky <lhanusov@redhat.com>
2025-07-16 08:13:30 +02:00
Lukas Hanusovsky
5e805ac6b3 Move UserStorageRestTest.java to the new testsuite
Part of: #34494

Signed-off-by: Lukas Hanusovsky <lhanusov@redhat.com>
2025-07-15 13:39:32 +02:00
Lukas Hanusovsky
2145830d57 Moving files to the new test suite
Signed-off-by: Lukas Hanusovsky <lhanusov@redhat.com>
2025-07-15 13:39:32 +02:00
Lukas Hanusovsky
17beaa1359 Migrate FineGrainAdminUnitTest.java to the new testsuite
Part of: #34494

Signed-off-by: Lukas Hanusovsky <lhanusov@redhat.com>
2025-07-15 13:38:03 +02:00
Pedro Igor
d5206b61f6 Update email feature only enabled if the required action is enabled at the realm
Closes #41045

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2025-07-14 16:31:15 -03:00