mirror/keycloak
1
0
Fork 0
mirror of https://github.com/keycloak/keycloak.git synced 2025-12-16 20:15:46 -06:00
Code Issues Packages Projects Releases Wiki Activity
29,779 Commits 20 Branches 287 Tags
main
Commit Graph

29779 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Pedro Igor
33f1dda2cf Processing workflow events asynchronously - Part 1 
Closes #42386

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-11-07 10:57:05 -03:00
Martin Bartoš
1f9694358f Ability to enable/disable feature via single property (#43542) 
* Ability to enable/disable feature via single property

Closes #43541

Signed-off-by: Martin Bartoš <mabartos@redhat.com>

* Provide support for specifying profile preview

Signed-off-by: Martin Bartoš <mabartos@redhat.com>

* Remove duplication check, use the new WildcardOptionUtil

Signed-off-by: Martin Bartoš <mabartos@redhat.com>

* Create quarkus specific single profile config resolver

Signed-off-by: Martin Bartoš <mabartos@redhat.com>

* Remove the feature profile capability for single feature option

Signed-off-by: Martin Bartoš <mabartos@redhat.com>

---------

Signed-off-by: Martin Bartoš <mabartos@redhat.com>
 2025-11-07 13:35:39 +01:00
Martin Bartoš
229cd9450e Improve error message for the HTTPS material loading (#44006) 
Closes #44005

Signed-off-by: Martin Bartoš <mabartos@redhat.com>
 2025-11-07 09:48:32 +01:00
Ivan Shcherbakov
442c7a781b fix(useHash): correctly extract hash from pushState url (#43836) 
Signed-off-by: basedest <basedest@icloud.com>
 2025-11-06 14:34:19 -05:00
Steven Hawkins
4a63fcffaf fix: considering source ordinality with spi options (#43805) 
closes: #43793

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
 2025-11-06 18:01:18 +01:00
Martin Bartoš
1d3a1b554b Print a warning on duplicate options (#43918) 
* Print a warning on duplicate options

Closes #43604

Signed-off-by: Martin Bartoš <mabartos@redhat.com>

* Print duplicated CLI keys and even sys props

Signed-off-by: Martin Bartoš <mabartos@redhat.com>

---------

Signed-off-by: Martin Bartoš <mabartos@redhat.com>
 2025-11-06 14:47:29 +00:00
Lukas Hanusovsky
768cea1b82 Add FIPS suite to the new tests (#43431) 
* Add FIPS test suite to the new tests

Signed-off-by: Lukas Hanusovsky <lhanusov@redhat.com>

* Tweaks to FIPS suite in new test

Signed-off-by: stianst <stianst@gmail.com>

---------

Signed-off-by: Lukas Hanusovsky <lhanusov@redhat.com>
Signed-off-by: stianst <stianst@gmail.com>
Co-authored-by: stianst <stianst@gmail.com>
 2025-11-06 14:08:19 +01:00
mposolda
b8a8be33aa Audience validation according to latest specs proposal 
closes #43984

Signed-off-by: mposolda <mposolda@gmail.com>
 2025-11-06 10:21:35 +01:00
Stian Thorgersen
6043027d99 Refactor KubernetesIdentityProvider (#43967) 
Closes #43966

Signed-off-by: stianst <stianst@gmail.com>
 2025-11-05 16:28:07 +01:00
rmartinc
5822c52a30 JWT Authorization grant should not generate refresh and use transient sessions 
Closes #43799

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2025-11-05 14:17:32 +01:00
Stian Thorgersen
b278dbbb3d Allow identity provider configuration without defaults for user authentication (#43963) 
Closes #43552

Signed-off-by: stianst <stianst@gmail.com>
 2025-11-05 10:13:40 -03:00
Giuseppe Graziano
a9a14bd346 Filter idps by JWT_AUTHORIZATION_GRANT type in client conifig 
Closes #43791

Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>
 2025-11-05 13:56:31 +01:00
Steven Hawkins
27252a14ae fix: adding a single method to get the base uri (#43333) 
* fix: adding a single method to get the base uri

closes: #43330

Signed-off-by: Steve Hawkins <shawkins@redhat.com>

* Update server-spi/src/main/java/org/keycloak/urls/HostnameProvider.java

Co-authored-by: Václav Muzikář <vaclav@muzikari.cz>
Signed-off-by: Steven Hawkins <shawkins@redhat.com>

---------

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
Signed-off-by: Steven Hawkins <shawkins@redhat.com>
Co-authored-by: Václav Muzikář <vaclav@muzikari.cz>
 2025-11-05 12:46:09 +00:00
Bruno Oliveira da Silva
d579bc6cb1 Update maintainers (#43917) 
Signed-off-by: Bruno Oliveira da Silva <bruno@abstractj.com>
 2025-11-05 13:20:40 +01:00
Weblate (bot)
084791ec3e Translations update from Hosted Weblate (#43822) 
* Updated translation for Turkish

Language: tr

Updated translation for Turkish

Language: tr

Updated translation for Turkish

Language: tr

Co-authored-by: Arif EROL <arif.erol16@gmail.com>
Co-authored-by: Hosted Weblate <hosted@weblate.org>
Signed-off-by: Arif EROL <arif.erol16@gmail.com>
Signed-off-by: Hosted Weblate <hosted@weblate.org>

* Updated translation for German

Language: de

Updated translation for German

Language: de

Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>
Co-authored-by: Hosted Weblate <hosted@weblate.org>
Co-authored-by: Robin <39960884+robson90@users.noreply.github.com>
Signed-off-by: Alexander Schwartz <alexander.schwartz@gmx.net>
Signed-off-by: Hosted Weblate <hosted@weblate.org>
Signed-off-by: Robin <39960884+robson90@users.noreply.github.com>

* Updated translation for Japanese

Language: ja

Updated translation for Japanese

Language: ja

Updated translation for Japanese

Language: ja

Co-authored-by: Hosted Weblate <hosted@weblate.org>
Co-authored-by: Kohei Tamura <ktamura.biz.80@gmail.com>
Signed-off-by: Hosted Weblate <hosted@weblate.org>
Signed-off-by: Kohei Tamura <ktamura.biz.80@gmail.com>

* Updated translation for Czech

Language: cs

Updated translation for Czech

Language: cs

Updated translation for Czech

Language: cs

Added translation for Czech

Language: cs

Added translation for Czech

Language: cs

Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>
Co-authored-by: Hosted Weblate <hosted@weblate.org>
Signed-off-by: Alexander Schwartz <alexander.schwartz@gmx.net>
Signed-off-by: Hosted Weblate <hosted@weblate.org>

* Updated translation for French

Language: fr

Updated translation for French

Language: fr

Updated translation for French

Language: fr

Updated translation for French

Language: fr

Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>
Co-authored-by: Hosted Weblate <hosted@weblate.org>
Co-authored-by: Sylvain Pichon <service@spichon.fr>
Signed-off-by: Alexander Schwartz <alexander.schwartz@gmx.net>
Signed-off-by: Hosted Weblate <hosted@weblate.org>
Signed-off-by: Sylvain Pichon <service@spichon.fr>

* Updated translation for Chinese (Traditional Han script)

Language: zh_Hant

Updated translation for Chinese (Traditional Han script)

Language: zh_Hant

Updated translation for Chinese (Traditional Han script)

Language: zh_Hant

Co-authored-by: Hosted Weblate <hosted@weblate.org>
Co-authored-by: 秉虎 <s96016641@gmail.com>
Signed-off-by: Hosted Weblate <hosted@weblate.org>
Signed-off-by: 秉虎 <s96016641@gmail.com>

---------

Signed-off-by: Arif EROL <arif.erol16@gmail.com>
Signed-off-by: Hosted Weblate <hosted@weblate.org>
Signed-off-by: Alexander Schwartz <alexander.schwartz@gmx.net>
Signed-off-by: Robin <39960884+robson90@users.noreply.github.com>
Signed-off-by: Kohei Tamura <ktamura.biz.80@gmail.com>
Signed-off-by: Sylvain Pichon <service@spichon.fr>
Signed-off-by: 秉虎 <s96016641@gmail.com>
Co-authored-by: Arif EROL <arif.erol16@gmail.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>
Co-authored-by: Robin <39960884+robson90@users.noreply.github.com>
Co-authored-by: Kohei Tamura <ktamura.biz.80@gmail.com>
Co-authored-by: Sylvain Pichon <service@spichon.fr>
Co-authored-by: 秉虎 <s96016641@gmail.com>
 2025-11-05 11:36:41 +01:00
Alexander Schwartz
3ef8c565f3 Avoid touching the database layer if no changes are necessary for a user 
Closes #43682

Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
 2025-11-05 06:44:48 -03:00
Steven Hawkins
a04d5d7b5e task: clarifying home dir unset logic (#43904) 
closes: #43903

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
 2025-11-05 08:45:06 +01:00
fengyuchuanshen
e321f5ab23 chore: remove repetitive words in comments (#43944) 
Signed-off-by: fengyuchuanshen <fengyuchuanshen@outlook.com>
 2025-11-04 17:55:22 +00:00
Martin Kanis
8e71657576 Add rate limiter for sending verification emails in context of update email 
Closes #43076

Signed-off-by: Martin Kanis <mkanis@redhat.com>
 2025-11-04 12:16:12 -03:00
rmartinc
b5be43ad07 Delete the user in test "creates a user with a password credential" 
Closes #43523

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2025-11-04 10:50:21 -03:00
rmartinc
245dc950d9 Hide the attribute for allowed IdPs when JWT auth capability is not enabled 
Closes #43925

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2025-11-04 14:47:43 +01:00
Giuseppe Graziano
4b443f04ee JWT Authorization grant idp config (#43841) 
Closes #43568

Signed-off-by: Giuseppe Graziano <g.graziano94@gmail.com>
 2025-11-04 14:46:14 +01:00
Martin Bartoš
d5763b9c0b Migrate the OTelProvider test to the new framework 
Closes #43858

Signed-off-by: Martin Bartoš <mabartos@redhat.com>
 2025-11-04 12:53:47 +01:00
Thomas Diesler
131e2357a9 Cannot issue vc of type oid4vc_natural_person 
Signed-off-by: Thomas Diesler <tdiesler@ibm.com>
 2025-11-04 10:46:44 +01:00
KONSTANTINOS GEORGILAKIS
1c0d4616a5 hide scopes from scopes_supported in discovery endpoint 
Closes #10388

Signed-off-by: cgeorgilakis-grnet <cgeorgilakis@admin.grnet.gr>
Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@ibm.com>
 2025-11-03 16:26:12 +00:00
Pedro Igor
2216ada20b Allow GET and PUT methods using application/yaml media type 
Closes #42687

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-11-03 13:09:17 -03:00
vramik
4d912a9c21 Support for YAML payloads for Admin client for creation of workflows 
Closes #43666

Signed-off-by: vramik <vramik@redhat.com>
 2025-11-03 13:09:17 -03:00
sander boer
d805a28ea4 Adds group description during import 
Adds the group description during group import from a
representation. This ensures that the description is properly
populated when groups are created from external sources.

Closes #42851

Signed-off-by: Sander <mail@sanderboer.nl>
 2025-11-03 16:08:49 +00:00
Lukas Hanusovsky
5aa05d08eb Test Framework - new Forms test suite. (#43894) 
Signed-off-by: Lukas Hanusovsky <lhanusov@redhat.com>
 2025-11-03 15:15:10 +00:00
Lukas Hanusovsky
0dbcfeb9d0 Test Framework - new Login V1 test suite. (#43895) 
Signed-off-by: Lukas Hanusovsky <lhanusov@redhat.com>
 2025-11-03 15:08:12 +00:00
Robin Meese
27a47b2537 Add Czech translators (#43910) 
Closes: #43909

Signed-off-by: Robin Meese <39960884+robson90@users.noreply.github.com>
 2025-11-03 15:52:59 +01:00
Martin Bartoš
75fcf11a1b Separate HOW_TO_RUN.md file for the new testsuite (#43860) 
Signed-off-by: Martin Bartoš <mabartos@redhat.com>
 2025-11-03 15:41:01 +01:00
Lukas Hanusovsky
2ddde05afb Moving UserFederationLdapConnectionTest to federation/ldap package (#43852) 
Signed-off-by: Lukas Hanusovsky <lhanusov@redhat.com>
 2025-11-03 15:39:40 +01:00
Bernat Moix
733dfdbc1c fix: use providerId instead of alias for social provider icons 
Identity provider icons were only displayed when the alias exactly
matched predefined values. This fixes the issue by checking the
providerId (provider type) instead of the alias, allowing custom
aliases while maintaining correct icon display.

Closes #43515

Signed-off-by: Bernat Moix <bmoix@bmoix.io>
 2025-11-03 15:28:05 +01:00
Václav Muzikář
9c86eae7ed Initial Client API v2 impl (#43395) 
Closes #43224

Signed-off-by: Václav Muzikář <vmuzikar@redhat.com>
Co-authored-by: Martin Bartoš <mabartos@redhat.com>
Co-authored-by: Peter Zaoral <pzaoral@redhat.com>
Co-authored-by: Steven Hawkins <shawkins@redhat.com>
Co-authored-by: Robin Meese <39960884+robson90@users.noreply.github.com>
 2025-11-03 14:31:54 +01:00
Steven Hawkins
f7735b573c fix: removing the fast start optimization (#43686) 
* fix: removing the fast start optimization

closes: #38790 #42960

Signed-off-by: Steve Hawkins <shawkins@redhat.com>

* updating the docs based upon a review comment

Signed-off-by: Steve Hawkins <shawkins@redhat.com>

---------

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
 2025-11-03 12:37:13 +01:00
vramik
ece96e397e Make set creadential label use reset-password scope 
Closes #43460

Signed-off-by: vramik <vramik@redhat.com>
 2025-11-03 07:57:58 -03:00
Thomas Diesler
fead1b1ab6 Git ignore local keycloak state dir 
Closes #43816

Signed-off-by: Thomas Diesler <tdiesler@ibm.com>
 2025-11-03 09:09:22 +00:00
Stian Thorgersen
d0a7225b3d Allow CORS Access-Control-Allow-Headers customization (#43767) 
Closes #12682

Signed-off-by: stianst <stianst@gmail.com>
 2025-11-03 06:39:44 +00:00
Alexander Schwartz
52ba359cc3 Make client and IDP required when using federated client authentication (#43890) 
Closes #43889

Signed-off-by: Alexander Schwartz <alexander.schwartz@gmx.net>
 2025-11-03 07:21:55 +01:00
蔡秀吉
e84a1d6363 Fix typos and formatting in OIDC auth flows documentation 
Closes #43818

Signed-off-by: thc1006 <84045975+thc1006@users.noreply.github.com>
 2025-11-01 19:14:41 +00:00
Tobi
479859a7a3 Add new indices on offline_client_session 
Closes #43566

Signed-off-by: twobiers <22715034+twobiers@users.noreply.github.com>
Signed-off-by: Alexander Schwartz <alexander.schwartz@ibm.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@ibm.com>
 2025-10-31 17:49:47 +01:00
AvivGuiser
41d5aae6f6 add labels to realm import jobs (#42967) 
Signed-off-by: AvivGuiser <avivguiser@gmail.com>
 2025-10-31 17:20:22 +01:00
Martin Bartoš
8502cc3ae1 Including OTLP headers for tracing (#43122) 
* Including OTLP headers for tracing

Closes #41007

Signed-off-by: Martin Bartoš <mabartos@redhat.com>

* Polishing, add test for the util class, address review

Signed-off-by: Martin Bartoš <mabartos@redhat.com>

* Remove the WildcardOptionsUtil#isKcWildcardOption

Signed-off-by: Martin Bartoš <mabartos@redhat.com>

---------

Signed-off-by: Martin Bartoš <mabartos@redhat.com>
 2025-10-31 15:46:05 +01:00
Stian Thorgersen
a34b14796f Run unit tests with JDK matrix (#43240) 
Closes #16039

Signed-off-by: stianst <stianst@gmail.com>
 2025-10-31 13:21:44 +01:00
Stian Thorgersen
1048c8d9c9 Filter out non-user authentication IdPs from account and login (#43798) 
Closes #43553

Signed-off-by: stianst <stianst@gmail.com>
 2025-10-31 12:40:04 +01:00
rmartinc
f92adda310 Improve JWT Assertion Validation using client validators 
Closes #43642

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2025-10-31 11:58:08 +01:00
forkimenjeckayang
f27982aeb7 [OID4VCI] Ensure authorization_details from PAR requests are properly returned in token responses (#43215) 
Closes #43214


Signed-off-by: forkimenjeckayang <forkimenjeckayang@gmail.com>
Signed-off-by: Awambeng Rodrick <awambengrodrick@gmail.com>
Co-authored-by: Awambeng Rodrick <awambengrodrick@gmail.com>
 2025-10-31 11:39:38 +01:00
Ingrid Kamga
ea06651da5 [OID4VCI] Ensure openid_credential is one of authorization_details_types_supported on the Authorization Server metadata (#43599) 
Closes #43398

Signed-off-by: Ingrid Kamga <Ingrid.Kamga@adorsys.com>
 2025-10-31 11:32:24 +01:00
Melek KNANI
8374be674e fix(admin-ui): correct default value for backchannel logout session required 
Signed-off-by: Melek KNANI <melek.knani@etu.ec-lyon.fr>
 2025-10-31 11:00:50 +01:00