5875 Commits

Author SHA1 Message Date
Ogen Bertrand
db01ff742b [OID4VCI] Add support for credential_response_encryption in credential request (#41001)
Closes #39310
Closes #41031


Signed-off-by: Ogenbertrand <ogenbertrand@gmail.com>
2025-08-04 10:44:41 +00:00
mposolda
3cc8808465 Wrap deprecated passkeys authenticator behind the feature
closes #40696

Signed-off-by: mposolda <mposolda@gmail.com>
2025-08-01 16:48:57 +02:00
mposolda
2dab73063d Getting error 405 'Method Not Allowed' when calling the 'certs' endpoint with HEAD method
closes #41537

Signed-off-by: mposolda <mposolda@gmail.com>
2025-07-31 14:32:07 +02:00
Björn Eickvonder
c7cc162f6b Support for RSA Key Size of 3072
Closes #41551

Signed-off-by: Bjoern Eickvonder <bjoern.eickvonder@inform-software.com>
2025-07-31 13:30:33 +02:00
Alexander Schwartz
e1b3afb686 Refresh token for an OAuth2 based IDP when retrieving the IDP token
Closes #14644

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
2025-07-31 11:11:34 +02:00
Keshav Deshpande
bee7e4b335 Change error to 400 for unknown user (#40939)
Closes #39079

Signed-off-by: Keshav Deshpande <keshavprashantdeshpande@gmail.com>
2025-07-31 10:23:14 +02:00
rmartinc
1f608fae6e Create a new condition for credential type and add it to default flows
Closes #41354

Signed-off-by: rmartinc <rmartinc@redhat.com>
2025-07-31 10:14:15 +02:00
Thomas Darimont
97dfbd2c84 Add details about client assertion to event
Fixes #41405

Signed-off-by: Thomas Darimont <thomas.darimont@googlemail.com>
2025-07-30 18:50:27 +00:00
Takashi Norimatsu
71f510d115 PAR endpoint does not return an appropriate error regarding a request objec
closes #41181

Signed-off-by: Takashi Norimatsu <takashi.norimatsu.ws@hitachi.com>
2025-07-29 14:34:39 +02:00
Steven Hawkins
10947d002f fix: using localtest.me instead of nip.io
closes: #40645

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
2025-07-26 11:36:01 +02:00
rmartinc
dd17f7d811 Add a test for IdpUsernamePasswordForm in webauthn CI job
Closes #41259

Signed-off-by: rmartinc <rmartinc@redhat.com>
2025-07-24 10:39:29 -03:00
Giuseppe Graziano
8fc5664115 Add id token claims to OpenID Provider Metadata claims_supported
Closes #41170

Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>
2025-07-24 07:21:45 -03:00
Ricardo Martin
853a99c18d Disable webauthn buttons after click
Closes #41037

Signed-off-by: rmartinc <rmartinc@redhat.com>
2025-07-22 15:30:52 +00:00
mposolda
57972d85d3 Update per feedback review
Signed-off-by: mposolda <mposolda@gmail.com>
2025-07-22 10:00:37 -03:00
mposolda
bba869b3d5 Fixing Re-authentication with passkeys
closes #41242
closes #41008

Signed-off-by: mposolda <mposolda@gmail.com>
2025-07-22 10:00:37 -03:00
Šimon Vacek
eb000cfbe0 Move ComponentsTest.java to the new testsuite (#41169)
Part of: #34494

Signed-off-by: Simon Vacek <simonvacky@email.cz>
2025-07-22 11:26:06 +00:00
Lukas Hanusovsky
d7273e6b1f Move ConsentsTest.java to the new testsuite (#40323)
* Moving files to the new test suite

Signed-off-by: Lukas Hanusovsky <lhanusov@redhat.com>

* Move ConsentsTest.java, UserRoleTest.java to the new testsuite

Part of: #34494

Signed-off-by: Lukas Hanusovsky <lhanusov@redhat.com>

---------

Signed-off-by: Lukas Hanusovsky <lhanusov@redhat.com>
2025-07-22 12:31:59 +02:00
rmartinc
e0bba39da0 Allow configure encryption details for SAML clients
Closes #40933

Signed-off-by: rmartinc <rmartinc@redhat.com>
2025-07-18 20:13:40 +02:00
Takashi Norimatsu
631aebd848 FAPI 2.0 Final - only accept its issuer identifier value as a string in the aud claim received in client authentication assertions
closes #41119

Signed-off-by: Takashi Norimatsu <takashi.norimatsu.ws@hitachi.com>
2025-07-18 08:26:21 +02:00
Pedro Igor
87f30a6285 Adding a config to the UPDATE_EMAIL action to force users to verify email
Closes #32569

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2025-07-16 16:21:08 +02:00
Takashi Norimatsu
f00cd980c4 Add FAPI 2.0 + DPoP security profile as default profile of client policies
closes #35441

Signed-off-by: Takashi Norimatsu <takashi.norimatsu.ws@hitachi.com>
2025-07-16 09:30:11 +02:00
Lukas Hanusovsky
788e981917 Move UserTest.java to the new testsuite
Part of: #34494

Signed-off-by: Lukas Hanusovsky <lhanusov@redhat.com>
2025-07-16 08:13:30 +02:00
Lukas Hanusovsky
5e805ac6b3 Move UserStorageRestTest.java to the new testsuite
Part of: #34494

Signed-off-by: Lukas Hanusovsky <lhanusov@redhat.com>
2025-07-15 13:39:32 +02:00
Lukas Hanusovsky
2145830d57 Moving files to the new test suite
Signed-off-by: Lukas Hanusovsky <lhanusov@redhat.com>
2025-07-15 13:39:32 +02:00
Lukas Hanusovsky
17beaa1359 Migrate FineGrainAdminUnitTest.java to the new testsuite
Part of: #34494

Signed-off-by: Lukas Hanusovsky <lhanusov@redhat.com>
2025-07-15 13:38:03 +02:00
Pedro Igor
d5206b61f6 Update email feature only enabled if the required action is enabled at the realm
Closes #41045

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2025-07-14 16:31:15 -03:00
Lukas Hanusovsky
660a4aa48a Move IdentityProviderTest.java to the new testsuite
Part of: #34494

Signed-off-by: Lukas Hanusovsky <lhanusov@redhat.com>
2025-07-14 15:55:50 +02:00
Lukas Hanusovsky
21d033dc3a Moving files to the new test suite
Signed-off-by: Lukas Hanusovsky <lhanusov@redhat.com>
2025-07-14 15:55:50 +02:00
Lukas Hanusovsky
73aa3e9c18 Move IllegalAdminUpgradeTest.java to the new testsuite
Part of: #34494

Signed-off-by: Lukas Hanusovsky <lhanusov@redhat.com>
2025-07-14 14:31:59 +02:00
Lukas Hanusovsky
d2b45373d3 Move PartialImportTest.java to the new testsuite
Part of: #34494

Signed-off-by: Lukas Hanusovsky <lhanusov@redhat.com>
2025-07-14 14:00:17 +02:00
forkimenjeckayang
a3441689e9 [OID4VCI] OpenID for Verifiable Credentials support in client settings (#39385)
Closes #32967

Signed-off-by: forkimenjeckayang <forkimenjeckayang@gmail.com>


Co-authored-by: Francis Pouatcha <francis.pouatcha@adorsys.com>
2025-07-14 11:47:10 +02:00
Lukas Hanusovsky
cabd7cd474 Move ConcurrencyTest.java, AbstractConcurrencyTest.java to the new testsuite
Part of: #34494

Signed-off-by: Lukas Hanusovsky <lhanusov@redhat.com>
2025-07-14 11:10:54 +02:00
Giuseppe Graziano
2f36276ff0 Remove FGAP:v1 from external-internal token exchange (#40938)
Closes #40855

Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>
2025-07-11 17:42:47 +02:00
mposolda
274afa88fa Add option 'Requires short state parameter' to OIDC IDP
closes #40237

Signed-off-by: mposolda <mposolda@gmail.com>
2025-07-11 16:17:03 +02:00
Pedro Igor
919554e6fc Resolve organization when scope is requested and the user is a member or the email domain matches the organization
Closes #39864

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2025-07-10 20:38:47 +02:00
Pascal Knüppel
f39a37d8d1 [OID4VCI] Move realm attributes to clientScope and protocol-mappers (#39768)
fixes #39527


Signed-off-by: Pascal Knüppel <pascal.knueppel@governikus.de>
Signed-off-by: Captain-P-Goldfish <captain.p.goldfish@gmx.de>
2025-07-10 14:46:36 +02:00
Martin Kanis
5a42390341 Make UPDATE_EMAIL a supported feature
Closes #40227

Signed-off-by: Martin Kanis <mkanis@redhat.com>
2025-07-09 10:15:48 -03:00
forkimenjeckayang
beb4be6b32 [OID4VCI] : Update Credential Issuer Metadata Model for OID4VCI Draft-15 (#40749)
Closes #39290

Signed-off-by: forkimenjeckayang <forkimenjeckayang@gmail.com>
2025-07-09 11:41:17 +02:00
Håvar Nøvik
9d41092944 BUGFIX: session limit exceeded for both client & realm
This commit fixes a bug where the wrong user session is removed if the user session limit
for realm and client is exceeded at the same time.

Closes #38016

Signed-off-by: Håvar Nøvik <havar@novik.email>
2025-07-09 11:37:55 +02:00
rmartinc
900d8c7400 Changing default passwordless webauthn policy to follow recommended values in the documentation
Closes #40792

Signed-off-by: rmartinc <rmartinc@redhat.com>
2025-07-09 11:34:28 +02:00
rmartinc
6b050776bc Set client in the session context for logout token encode
Closes #40984

Signed-off-by: rmartinc <rmartinc@redhat.com>
2025-07-09 10:50:05 +02:00
rmartinc
d62114e50e Do not add steps if feature disabled in default flows
Allow login if a step is disabled even if the authenticator is not enabled by profile
Closes #40954

Signed-off-by: rmartinc <rmartinc@redhat.com>
2025-07-09 10:44:36 +02:00
Ogen Bertrand
e92b825a14 [OID4VCI]: Add a unique notification_id generation to OID4VCIssuerEndpoint used in CredentialResponse. (#40229)
closes #39284

Signed-off-by: Ogenbertrand <ogenbertrand@gmail.com>
2025-07-08 19:57:31 +02:00
vramik
114afee7f1 Use MgmtPermissionsV2 by default
Closes #40192

Signed-off-by: vramik <vramik@redhat.com>
2025-07-07 11:07:21 -03:00
forkimenjeckayang
178b893492 Always Return Array of Credentials for Credential Responses (#40409)
Closes #39283

Signed-off-by: forkimenjeckayang <forkimenjeckayang@gmail.com>


Co-authored-by: Francis Pouatcha <francis.pouatcha@adorsys.com>
2025-07-07 13:53:28 +02:00
Michael-AT-Corporation
ff9e7c2371 Added new searchByAttributes function to UsersResource with the exact parameter
Closes #39609

Signed-off-by: Michael-AT-Corporation <michael-hu@ooutlook.de>
2025-07-03 13:51:46 -03:00
mposolda
c52edc853d Verification of external OIDC token by introspection-endpoint. Adding ExternalInternalTokenExchangeV2Test
closes #40167
closes #40198

Signed-off-by: mposolda <mposolda@gmail.com>
2025-07-03 16:23:13 +02:00
rmartinc
2db98b6a98 Use POST binding for logout when REDIRECT url is not set and forced POST
Closes #40637

Signed-off-by: rmartinc <rmartinc@redhat.com>
2025-06-30 10:30:12 +02:00
Pedro Igor
304bcdce88 Do not show update email link if the email attribute is not writable
Closes #39669

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
2025-06-28 10:19:41 +02:00
Lukas Hanusovsky
046f8da7e3 [Test framework] ImpersonationTest migration
Part of #34494

Signed-off-by: Lukas Hanusovsky <lhanusov@redhat.com>
2025-06-26 15:04:35 +02:00