mirror/keycloak
1
0
Fork 0
mirror of https://github.com/keycloak/keycloak.git synced 2025-12-16 12:05:49 -06:00
Code Issues Packages Projects Releases Wiki Activity
29,778 Commits 20 Branches 287 Tags
main
Commit Graph

7727 Commits

Author SHA1 Message Date
Palpable
94ee6d81fb [OID4VCI] Realign naming of attribute configuring algorithms for credential (#44765) 
Closes #44621


Signed-off-by: Vitalisn4 <ngamvitalisyuh@gmail.com>
Signed-off-by: mposolda <mposolda@gmail.com>
Signed-off-by: Ingrid Kamga <Ingrid.Kamga@adorsys.com>
Co-authored-by: Marek Posolda <mposolda@gmail.com>
Co-authored-by: Ingrid Kamga <Ingrid.Kamga@adorsys.com>
 2025-12-16 14:46:17 +01:00
Awambeng Rodrick
a1bffa3ddc Add spec-compliant jwt vc issuer well-known endpoint 
- expose /.well-known/jwt-vc-issuer/realms/{realm} and keep legacy route with deprecation headers
- build consumer metadata URL per draft-ietf-oauth-sd-jwt-vc-13 and add realm-path coverage
- add integration test for new path plus deprecation headers on legacy endpoint

Closes #44256

Signed-off-by: Awambeng Rodrick <awambengrodrick@gmail.com>
Signed-off-by: Awambeng <awambengrodrick@gmail.com>
 2025-12-16 13:46:06 +01:00
forkimenjeckayang
2f7045d7dd Remove deferred credential endpoint from OID4VC metadata (#44907) 
Closes #44779

Signed-off-by: forkimenjeckayang <forkimenjeckayang@gmail.com>
 2025-12-16 12:50:12 +01:00
Lukas Hanusovsky
e8c6a7b98d [Test Framework] Migrate initial WebAuthn setup + WebAuthnRegisterAndLoginTest. (#44016) 
Signed-off-by: Lukas Hanusovsky <lhanusov@redhat.com>
 2025-12-15 15:01:42 +01:00
Stian Thorgersen
ab9c6e36ee Remove legacy/jakarta Undertow as we only need one, and upgrade to the latest to fix CVEs (#44901) 
Closes #44814

Signed-off-by: stianst <stianst@gmail.com>
 2025-12-15 10:39:19 +01:00
Awambeng
af8e905774 refactor(oid4vc): remove notification ID handling and related endpoint (#44844) 
Closes #44802


Signed-off-by: Awambeng Rodrick <awambengrodrick@gmail.com>
 2025-12-12 14:38:01 +01:00
Stian Thorgersen
421abedaa4 Remove log4j 1.x from Arquillian testsuite (#44827) 
Closes #44555

Signed-off-by: stianst <stianst@gmail.com>
 2025-12-11 11:31:11 +00:00
Stian Thorgersen
2f1628d1a9 Remove log4j 1.x from testsuite/model 
Closes #44554

Signed-off-by: stianst <stianst@gmail.com>
 2025-12-11 10:23:03 +01:00
Stian Thorgersen
ed69f65a9c Remove jpa-performance 
Closes #44812

Signed-off-by: stianst <stianst@gmail.com>
 2025-12-10 23:16:47 +00:00
Stian Thorgersen
7eb3b693b2 Remove log4j 1.x from testsuite/utils 
Closes #44557

Signed-off-by: stianst <stianst@gmail.com>
 2025-12-10 20:08:03 +00:00
forkimenjeckayang
be22a4bd62 [OID4VCI] Fix OID4VC wallet interoperability issues (#44682) 
closes #44736


Signed-off-by: forkimenjeckayang <forkimenjeckayang@gmail.com>
 2025-12-10 12:08:01 +01:00
Marek Posolda
f641269ac1 CredentialRequest with credentialIdentifier does not work when creden… (#44794) 
closes #44793


Signed-off-by: mposolda <mposolda@gmail.com>
 2025-12-10 12:02:52 +01:00
Christian Glasmachers
921b10ee80 Login failure cache: Evict entries after the configured failure reset time 
Closes #44801

Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
Signed-off-by: Alexander Schwartz <alexander.schwartz@gmx.net>
Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
Co-authored-by: Christian Glasmachers <Christian.Glasmachers-extern@deutschebahn.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@ibm.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>
Co-authored-by: Pedro Ruivo <pruivo@users.noreply.github.com>
 2025-12-10 11:20:19 +01:00
rmartinc
43c1a169e4 Manage service accounts when updating a client using registration 
Closes #44257

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2025-12-09 12:11:11 +01:00
mposolda
3e001a378f Credential offer endpoint has parameter user_id, but expects username 
closes #44642

Signed-off-by: mposolda <mposolda@gmail.com>
 2025-12-08 10:42:35 +01:00
Pascal Knüppel
46e5979b17 [OID4VCI] Handle key_attestation_required in metadata endpoint (#44471) 
fixes #43801


Signed-off-by: Pascal Knüppel <pascal.knueppel@governikus.de>
Signed-off-by: Pascal Knüppel <captain.p.goldfish@gmx.de>
Signed-off-by: Captain-P-Goldfish <captain.p.goldfish@gmx.de>
Co-authored-by: Ingrid Kamga <xingridkamga@gmail.com>
 2025-12-05 16:00:32 +01:00
Sebastian Schuster
b5178a2bec Added section on recommended isolation level to db guides 
Closes #44611

Signed-off-by: Sebastian Schuster <sebastian.schuster@bosch.com>
Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@ibm.com>
 2025-12-05 14:48:31 +01:00
Martin Bartoš
52bf0face3 ModelTests are broken after consolidating config logic 
Closes #44700

Signed-off-by: Martin Bartoš <mabartos@redhat.com>
 2025-12-05 11:27:18 +00:00
forkimenjeckayang
4dd68c0316 [OID4VCI] Conformance Test Fixes (#44439) 
closes #44659


Signed-off-by: forkimenjeckayang <forkimenjeckayang@gmail.com>
 2025-12-04 09:03:38 +01:00
Ricardo Martin
f91363d12d Improve Public Key Management for JWTAuthorizationGrant identity provider 
Closes #44243

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2025-12-03 11:45:34 +01:00
Pascal Knüppel
9b870d3d8a Fix ClassCastException on mixing AddressMapper with ClaimsMapper (#44457) 
closes #44455


Signed-off-by: Pascal Knüppel <pascal.knueppel@governikus.de>
Signed-off-by: Captain-P-Goldfish <captain.p.goldfish@gmx.de>
 2025-12-01 14:55:44 +01:00
Giuseppe Graziano
2b4855ff97 Executor for checking claims in JWT assertions (#44537) 
Closes #4443


Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>
 2025-12-01 11:07:42 +01:00
Pedro Igor
9abe18e86e Manual sync not executed because of the last sync time 
Closes #44552

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-11-28 19:45:17 +01:00
Pedro Ruivo
b35dd72392 User session deleted events for invalid sessions 
Closes #44513

Signed-off-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com>
Co-authored-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com>
 2025-11-28 15:43:59 +00:00
Sebastian Łaskawiec
aa789dd023 Logout confirmation 
Signed-off-by: Sebastian Łaskawiec <sebastian.laskawiec@gmail.com>
 2025-11-28 14:24:32 +01:00
stianst
f6676ccd76 Migrate i18n package to new testsuite 
Closes #44520

Signed-off-by: stianst <stianst@gmail.com>
 2025-11-28 08:56:11 -03:00
Pedro Ruivo
3ed15e740a Add new option to schedule user session expiration 
Closes #44068

Signed-off-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com>
Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
Signed-off-by: Ryan Emerson <remerson@ibm.com>
Co-authored-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@ibm.com>
Co-authored-by: Ryan Emerson <remerson@ibm.com>
 2025-11-27 23:01:32 +01:00
Thomas Diesler
54bf9206b2 [OID4VCI] Credential Offer must be created by Issuer not Holder (#44255) 
closes #44116


Signed-off-by: Thomas Diesler <tdiesler@ibm.com>
 2025-11-27 16:07:10 +01:00
Alexander Schwartz
39d1fa2825 Escape passkeys descriptions and labels depending on the context 
Closes #44387

Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
 2025-11-27 11:16:21 +01:00
Alexis Rico
b0b38176f0 Manage Organization Invites 
Closes #38809

Signed-off-by: Alexis Rico <sferadev@gmail.com>
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
Co-authored-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-11-27 10:28:52 +01:00
Pedro Igor
96aea99d6c Make sure LDAP sync runs in a single cluster node and respecting the configured period 
Closes #43752

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@ibm.com>
 2025-11-27 08:08:20 +01:00
mposolda
cbb823bc0e Make sd-jwt key binding verification work with EdDSA keys 
closes #44369

Signed-off-by: mposolda <mposolda@gmail.com>
 2025-11-26 14:44:29 +01:00
Alexander Schwartz
2210b1ed50 Avoid un-escaped strings in the login templates for HTML entities 
Closes #44296

Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
 2025-11-26 07:55:35 -03:00
Stian Thorgersen
a8d4336da6 Migrate transactions package to new testsuite 
Closes #44460

Signed-off-by: stianst <stianst@gmail.com>
 2025-11-26 10:57:19 +01:00
Alexander Schwartz
37f2488441 When joining a group, don't rely on cached values if user has already been updated 
Closes #44480

Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
 2025-11-26 10:52:14 +01:00
Stian Thorgersen
63c7cc7381 Delete MetricsRestServiceTest 
Closes #44451

Signed-off-by: stianst <stianst@gmail.com>
 2025-11-25 12:21:29 +01:00
Thomas Diesler
39264edf3f [OID4VCI] Fix deprecated realm-scoped well-known endpoint access 
Signed-off-by: Thomas Diesler <tdiesler@ibm.com>
 2025-11-25 12:19:17 +01:00
mposolda
49b694bf0a Compilation failure in OID4VCTimeNormalizationSdJwtTest 
closes #44419

Signed-off-by: mposolda <mposolda@gmail.com>
 2025-11-24 08:39:09 -03:00
Awambeng
8406cf34fb [OID4VCI]: Realm-Configurable Time-Claim Normalization (Randomize/Round) to Mitigate Correlation (#43834) 
Closes #43399


Signed-off-by: Awambeng <awambengrodrick@gmail.com>
 2025-11-24 11:07:07 +01:00
Pascal Knüppel
64d5e1a3d5 [OID4VCI] Redesign SDJwt API and handle keybinding JWT (#44227) 
closes #42091


Signed-off-by: Pascal Knüppel <pascal.knueppel@governikus.de>
Signed-off-by: Captain-P-Goldfish <captain.p.goldfish@gmx.de>
Signed-off-by: mposolda <mposolda@gmail.com>
Co-authored-by: mposolda <mposolda@gmail.com>
 2025-11-24 11:01:19 +01:00
vramik
091b57c1e4 Flaky test: org.keycloak.testsuite.account.AccountRestServiceTest#listApplicationsWithoutPermission 
Closes #43755

Signed-off-by: vramik <vramik@redhat.com>
 2025-11-21 15:05:41 -03:00
Peter Zaoral
4e5f9acac7 Add CI tests for Azure SQL Database 
Closes: #42986

Signed-off-by: Peter Zaoral <pzaoral@redhat.com>
 2025-11-21 14:42:28 +00:00
Pedro Ruivo
13ef89664c More accurate user session expiration logic 
Closes #44204

Signed-off-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com>
Co-authored-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com>
 2025-11-19 21:06:17 +01:00
mposolda
68cfb8d720 Fix flaky test ClientAuthSignedJWTTest.testClientWithGeneratedKeysJKS 
closes #43713

Signed-off-by: mposolda <mposolda@gmail.com>
 2025-11-18 11:52:01 +01:00
rmartinc
f0f776e5c8 Fix for WebAuthnSigningInTest WebAuthn test 
Closes #43477

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2025-11-18 11:02:13 +01:00
Marek Posolda
a4c583246d Use the unified constants class for sd-jwt/oid4vc standard data and claims (#44153) 
closes #44152

Signed-off-by: mposolda <mposolda@gmail.com>
 2025-11-18 10:41:04 +01:00
Pedro Ruivo
7dc7c81b25 Fix UserSessionProviderOfflineModelTest#testLoadUserSessionsWithNotDeletedOfflineClientSessions 
Fixes #43886

Signed-off-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com>
Co-authored-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com>
 2025-11-14 20:46:02 +01:00
Pedro Igor
d4f9a09236 Fixing encoding of forwarded parameters 
Closes #44125

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-11-14 15:46:09 -03:00
Pedro Ruivo
70e1dba2c3 Create remember_me column for user sessions 
Closes #44112

Signed-off-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com>
Co-authored-by: Pedro Ruivo <1492066+pruivo@users.noreply.github.com>
 2025-11-14 14:41:04 +01:00
Stian Thorgersen
a2c1055f8d Proposed import order (#43432) 
* Add importOrder to Spotless

Closes #43235

Signed-off-by: stianst <stianst@gmail.com>

* Re-order imports with Spotless

Signed-off-by: stianst <stianst@gmail.com>

---------

Signed-off-by: stianst <stianst@gmail.com>
 2025-11-14 09:34:49 +01:00