mirror/keycloak
1
0
Fork 0
mirror of https://github.com/keycloak/keycloak.git synced 2025-12-16 12:05:49 -06:00
Code Issues Packages Projects Releases Wiki Activity
29,778 Commits 20 Branches 287 Tags
main
Commit Graph

344 Commits

Author SHA1 Message Date
Lukas Hanusovsky
e8c6a7b98d [Test Framework] Migrate initial WebAuthn setup + WebAuthnRegisterAndLoginTest. (#44016) 
Signed-off-by: Lukas Hanusovsky <lhanusov@redhat.com>
 2025-12-15 15:01:42 +01:00
Stefan Guilhen
22c144dd30 Rename workflow events 
- USER_ADDED -> USER_CREATED
- USER_ROLE_ADDED -> USER_ROLE_GRANTED
- USER_ROLE_REMOVED -> USER_ROLE_REVOKED

Closes #44879

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
 2025-12-12 14:15:24 -03:00
Stefan Guilhen
7858e6ff6b Change workflow condition grammar to accept the token 'not' as the negation operator instead of '!' 
Closes #44880

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
 2025-12-12 13:31:55 -03:00
Stefan Guilhen
0fc9650acc Set Workflows as tech preview 
Closes #44881

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
 2025-12-12 13:05:59 -03:00
stianst
a07500045f Move workflow tests out of admin package 
Closes #44847

Signed-off-by: stianst <stianst@gmail.com>
 2025-12-12 11:54:58 -03:00
Pedro Igor
84a0324d60 Adding grant and revoke role steps 
Closes #44648

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-12-12 09:38:39 -03:00
Pedro Igor
138d1e0588 Allow restarting the step chain at a specific position 
Closes #44789

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-12-12 09:38:01 -03:00
Ruchika Jha
26fe8dc7d8 Added validation for client session timeout post comparing the realm session timeouts 
Closes #41019

Signed-off-by: ruchikajha95 <Ruchika.Jha1@ibm.com>
Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
 2025-12-11 13:58:04 +01:00
Stian Thorgersen
d25a731ae5 Fix Chrome and Firefox in new test framework on GitHub Actions (#44804) 
Closes #44776

Signed-off-by: stianst <stianst@gmail.com>
 2025-12-10 12:22:47 -03:00
Martin Kanis
ef011ea4d2 Fix compilation error in AbstractUserTest after merging #43620 (#44777) 
Signed-off-by: Martin Kanis <mkanis@redhat.com>
 2025-12-09 13:57:46 +01:00
Martin Kanis
5ee4cb5157 Fix for missing object representation in admin event log when deleting user, group, client (#43620) 
* Fix for missing object representation in admin event log when deleting user, group, client

Closes #33009

Signed-off-by: jwozniakowski <wozniakowski@netguardians.ch>

* Fix issues and add role representation when deleting a role

Closes #33009

Signed-off-by: Martin Kanis <mkanis@redhat.com>

---------

Signed-off-by: jwozniakowski <wozniakowski@netguardians.ch>
Signed-off-by: Martin Kanis <mkanis@redhat.com>
Co-authored-by: jwozniakowski <wozniakowski@netguardians.ch>
 2025-12-09 12:32:18 +01:00
Stefan Guilhen
21eeb95fbc Rename workflow event USER_LOGGED_IN to USER_AUTHENTICATED 
Closes #44717

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
 2025-12-08 19:00:25 -03:00
Pedro Igor
89a8cddfd6 Make sure group permissions on view scope are not processed when querying users 
Closes #44329

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
Co-authored-by: vramik <vramik@redhat.com>
 2025-12-08 14:39:40 +01:00
Stefan Guilhen
fe3507b251 Promote workflows to supported state 
Closes #43492

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
 2025-12-08 10:06:40 -03:00
Stefan Guilhen
484980dbbe Add API method to allow activating a workflow for all eligible resources 
Closes #44643

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
 2025-12-08 09:45:45 -03:00
Pedro Igor
985777ebcc Improvements to the notify step 
Closes #44708

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-12-05 18:58:03 +01:00
Stefan Guilhen
b14d00e08f Improve workflow concurrency settings 
- allow restarting based on events
 - allow cancelling based on events

Closes #44645

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
 2025-12-05 11:28:18 -03:00
Stefan Guilhen
65ab7f541d Add API method that fetches the scheduled workflow steps for a resource 
Closes #43660

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
 2025-12-03 11:09:55 -03:00
Giuseppe Graziano
50179d165c Fix compilation failure in JWTAuthorizationGrantJWTClaimsClientPoliciesTest 
Closes #44626

Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>
 2025-12-03 08:16:35 -03:00
Ricardo Martin
f91363d12d Improve Public Key Management for JWTAuthorizationGrant identity provider 
Closes #44243

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2025-12-03 11:45:34 +01:00
rmartinc
ae7e7ba084 New Identity Provider condition for client policies 
Closes #44442

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2025-12-03 08:50:31 +01:00
Stefan Guilhen
a2562caa11 Cache expression EvaluatorContext in the workflow component model's notes 
Closes #42961

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
 2025-12-01 14:29:08 -03:00
Stefan Guilhen
cd350082f7 Ensure workflow is only restarted on events that match the activation condition 
Closes #44399

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
 2025-12-01 10:53:59 -03:00
Stefan Guilhen
6653b72f88 Ensure delete step is triggering UserRemovedEvent 
Closes #44398

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
 2025-12-01 10:52:40 -03:00
Stefan Guilhen
be714d935d Ensure GroupMemberLeaveEvent has a reference to the user leaving the group 
Closes #44400

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
 2025-12-01 10:46:43 -03:00
Giuseppe Graziano
2b4855ff97 Executor for checking claims in JWT assertions (#44537) 
Closes #4443


Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>
 2025-12-01 11:07:42 +01:00
stianst
f6676ccd76 Migrate i18n package to new testsuite 
Closes #44520

Signed-off-by: stianst <stianst@gmail.com>
 2025-11-28 08:56:11 -03:00
Marek Posolda
38768819e1 Make sure that signature validation possible to configure for OIDC id… (#44516) 
closes #44473


Signed-off-by: mposolda <mposolda@gmail.com>
Signed-off-by: Marek Posolda <mposolda@gmail.com>
Co-authored-by: Ricardo Martin <rmartinc@redhat.com>
 2025-11-28 08:51:20 +01:00
Pedro Ruivo
3ed15e740a Add new option to schedule user session expiration 
Closes #44068

Signed-off-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com>
Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
Signed-off-by: Ryan Emerson <remerson@ibm.com>
Co-authored-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@ibm.com>
Co-authored-by: Ryan Emerson <remerson@ibm.com>
 2025-11-27 23:01:32 +01:00
Thomas Diesler
54bf9206b2 [OID4VCI] Credential Offer must be created by Issuer not Holder (#44255) 
closes #44116


Signed-off-by: Thomas Diesler <tdiesler@ibm.com>
 2025-11-27 16:07:10 +01:00
Stian Thorgersen
33b6065c2a Introduces a ManagedWebDriver to provide a single entry point for utilities around WebDriver 
This will make it easier to discover various utilities without having to find static methods in various classes; and will also provides us with a wrapper around Selenium where we can add any tweaks needed. It is also now possible to construct a page instance without injection using `page().createPage(MyPage.class)`

Closes #44464

Signed-off-by: stianst <stianst@gmail.com>
 2025-11-26 15:20:23 +01:00
rmartinc
d0e4d1f620 Better events for jwt-bearer and check all details in the tests 
CLoses #44137

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2025-11-26 12:09:51 +01:00
Stian Thorgersen
a8d4336da6 Migrate transactions package to new testsuite 
Closes #44460

Signed-off-by: stianst <stianst@gmail.com>
 2025-11-26 10:57:19 +01:00
Giuseppe Graziano
b323fea8bc Always allow to setup JWKS URL in oidc idp 
Closes #44217

Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>
 2025-11-25 17:09:13 +01:00
dawg
d5a507e90d fix #43819 - partial import fails to overwrite existing groups (#43924) 
* fix #43819 - partial import fails to overwrite existing groups

- when removal is delayed until insertion of the newly imported group
  this causes a duplicate key constrain violation (`Key (realm_id, parent_group, name)`)
- fixed by flushing group removals

Signed-off-by: Martin Nowak <code@dawg.eu>

* adding a test and using a general fix

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
# Conflicts:
#	services/src/main/java/org/keycloak/partialimport/PartialImportManager.java

---------

Signed-off-by: Martin Nowak <code@dawg.eu>
Signed-off-by: Steve Hawkins <shawkins@redhat.com>
Co-authored-by: Steve Hawkins <shawkins@redhat.com>
 2025-11-25 16:17:51 +01:00
rmartinc
ca205272ba Initial integration of the JWT Authorization Grant in client Policies 
Using the downscope executor for testing
Closes #44201

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2025-11-24 19:37:07 +01:00
vramik
0825f22331 Add toPredicate implementation for conditions 
Closes #42696

Signed-off-by: vramik <vramik@redhat.com>
 2025-11-24 08:56:36 -03:00
Stian Thorgersen
2a78bc67d7 Refactoring around federated client authenticator to better handling lookup of IdPs and clients. Also, introducing updates to documentation. (#44325) 
Closes #44253
Closes #42987
Closes #44063

Signed-off-by: stianst <stianst@gmail.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>
 2025-11-22 12:53:22 +01:00
Giuseppe Graziano
3e8b2f8ab7 New JWT Authorization Grant Identity provider (#44176) 
Closes #43570

Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>
 2025-11-19 09:18:23 +01:00
Stefan Guilhen
464d1a6741 Improve updating existing workflows 
- allow updating entire workflow when no scheduled tasks exist
- allow updating conditions, concurrency, and steps config when scheduled tasks exists

Closes #42618

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
 2025-11-17 09:10:29 -03:00
Stian Thorgersen
c284f9ae66 Rename ApiUtil to AdminApiUtil (#44224) 
Closes #44196

Signed-off-by: stianst <stianst@gmail.com>
 2025-11-17 07:52:04 +01:00
Stian Thorgersen
b7815190a2 Merge GenerateKeystoreForTestUtil with CryptoKeyStore (#44223) 
Closes #44195

Signed-off-by: stianst <stianst@gmail.com>
 2025-11-17 07:51:45 +01:00
Stefan Guilhen
3319e8d9b5 Add optional parameter in WorkflowResource.toRepresentation to allow retrieval of the rep without the ids 
Closes #44183

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
 2025-11-14 12:20:40 -03:00
Stian Thorgersen
a2c1055f8d Proposed import order (#43432) 
* Add importOrder to Spotless

Closes #43235

Signed-off-by: stianst <stianst@gmail.com>

* Re-order imports with Spotless

Signed-off-by: stianst <stianst@gmail.com>

---------

Signed-off-by: stianst <stianst@gmail.com>
 2025-11-14 09:34:49 +01:00
Hamza Hathoute
8fb8fd5346 fix: add flag to delete-step to control user removal from federation provider 
Closes #43538

Signed-off-by: Hathoute <whitesmith.thedj@gmail.com>
 2025-11-13 22:32:11 +00:00
Vlasta Ramik
d2697232b9 Rename bind endpoint to activate 
Closes #44155

Signed-off-by: vramik <vramik@redhat.com>
 2025-11-13 22:15:33 +01:00
stianst
8dce1eff15 Migrate keys package to new test framework 
Closes #44118

Signed-off-by: stianst <stianst@gmail.com>
 2025-11-13 10:19:53 -03:00
Stefan Guilhen
da7993896d Allow ISO-8601 compatible format for the after field in workflow steps 
- aligns the format with what is used in the JPA connection provider pool max lifetime for time-based configurations

Closes #42913

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
 2025-11-12 18:51:49 -03:00
Stefan Guilhen
7acf2ceccb Add pagination and search by name capabilities to WorkflowsResource 
Closes #44164

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
 2025-11-12 17:18:11 -03:00
vramik
84a679224b Add operation to deactivate a workflow execution for a resource 
Closes #42124

Signed-off-by: vramik <vramik@redhat.com>
 2025-11-12 17:02:17 -03:00