mirror/keycloak
1
0
Fork 0
mirror of https://github.com/keycloak/keycloak.git synced 2026-02-11 01:39:01 -06:00
Code Issues Packages Projects Releases Wiki Activity
27,950 Commits 23 Branches 294 Tags
00104461bfd3ffdb968bb3bf566718b1a8a76558
Commit Graph

2594 Commits

Author SHA1 Message Date
vramik
602258d935 [FGAP] Switch the feature from Experimental to Supported 
Closes #38651

Signed-off-by: vramik <vramik@redhat.com>
 2025-04-08 13:00:47 -03:00
Pedro Igor
be880ae204 Do not cache partial results when FGAP is enabled 
Closes #38705

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-04-08 08:22:22 +02:00
Pedro Ruivo
e730d8bec5 Fix repeated info logs running an import 
Fixes #37941

Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
 2025-04-07 15:42:57 +02:00
Pedro Igor
e5ff19b327 Adding missing fgap filtering to user count methods 
Closes #38510

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-04-04 14:21:57 +02:00
Alexander Schwartz
5583155802 Don't update the client session's timestamp when loading it from the database (#38608) 
Closes #38591

Signed-off-by: Alexander Schwartz <alexander.schwartz@gmx.net>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2025-04-04 09:44:03 +02:00
Stefan Guilhen
33283de8ed Add schema name for update query on Oracle 
- Fixes issue with changeset 2.5.0-unicode-oracle

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>

Closes #35833
 2025-04-03 19:44:53 -03:00
Pedro Igor
dbb0179a93 Aligning partial evaluation with the outcome from regular evaluations 
Closes #38626

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-04-03 12:07:30 -03:00
skydrinker-tox
94673a6eb0 KeyUtils was warning about invalid key for valid 22 chars short ids 
Closes #37992

Signed-off-by: skydrinker_tox <skydrinker_tox@hotmail.com>
 2025-04-03 17:05:29 +02:00
Steven Hawkins
9ce4539d22 fix: switching default client scopes to lazy loading (#38553) 
closes: #38552

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
 2025-04-03 14:11:59 +02:00
Alexander Schwartz
f75a62c948 Clear persistent sessions cache on cluster merge (#38569) 
Closes #38568

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Pedro Ruivo <pruivo@users.noreply.github.com>
 2025-04-01 13:17:00 +02:00
saravanaarh
6b3e348a23 Added condition to check offlineSessionMaxLifespanEnabled on clearing 
Closes #38063

Signed-off-by: Saravana <saravanakumar.a@kobil.com>
Co-authored-by: Saravana <saravanakumar.a@kobil.com>
 2025-03-27 20:11:13 +00:00
Pedro Ruivo
6aa3f9d5a7 Load all ProtoSchemas from the classpath 
Closes #34971

Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
 2025-03-27 15:41:01 +01:00
Stefan Guilhen
e694065aed User UserModel.isFederated() instead of comparing federation link to null 
Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>

Closes #38137
 2025-03-27 08:11:14 -03:00
Robert Hollencamp
eb990bcf23 PersistenceExceptionConverter NPE 
make sure SQLException#getSQLState is not null before attempting to call methods on it. I have observed exceptions during AWS MySQL RDS failovers where sql state is null, causing this method to throw an NPE exception rather than the expected ModelException

closes #38467

Signed-off-by: Robert Hollencamp <rhollencamp@cargurus.com>
 2025-03-27 09:01:35 +00:00
Stefan Guilhen
aeae754e88 Ensure JPAPolicyStore.findByName goes through the PolicyCache 
Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>

Closes #38319
 2025-03-26 11:47:45 -03:00
Pedro Igor
26c90f369f Support for partial evaluation for clients 
Closes #38393

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-03-25 09:04:12 -03:00
Steven Hawkins
c0da146873 fix: limit the scope of when a single transaction is used for import (#37990) 
closes: #34364

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
 2025-03-24 14:39:07 -04:00
Pedro Igor
1c57035d41 Support partial evaluation for the group resource type 
Closes #38273

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-03-24 11:49:53 -03:00
Ricardo Martin
734c4af876 Add version column to credential table to avoid simultaneous recovery codes updates 
Closes #26106

Signed-off-by: rmartinc <rmartinc@redhat.com>
 2025-03-24 10:30:06 +01:00
Michal Hajas
cb2dc35def Do not leak 5 seconds rotation time to other tests 
Closes #38299

Signed-off-by: Michal Hajas <mhajas@redhat.com>
 2025-03-21 11:18:09 +00:00
Alexander Schwartz
afde8ece15 Avoid sending/receiving the session JSON too often (#37095) 
Closs #37093

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2025-03-21 10:32:05 +01:00
Sebastian Rose
4fb1c41155 Sending Mails via SMTP and XOAUTH2 authentication mechanism 
Closes #17432

Signed-off-by: Sebastian Rose <sebastian.rose@gmail.com>
 2025-03-21 10:12:18 +01:00
Pedro Igor
a4000575a4 Initial support for partial evaluation 
Closes #38085

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-03-19 13:30:52 -03:00
Michal Hajas
2ea6b8a222 Do not use certificate's startDate as it can be changed by CertificateUtilsProvider 
Closes #38247

Signed-off-by: Michal Hajas <mhajas@redhat.com>
 2025-03-19 16:48:02 +01:00
Pedro Ruivo
46bbe073fb SPI for compatibility metadata 
Closes #36786

Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
 2025-03-17 16:48:24 +00:00
Pedro Igor
b200ab0792 Fix permissions for view-members and manage-members 
Closes #38013

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-03-17 08:27:36 -03:00
GMalliaris
c9d848cd90 Fixing incorrectly cached role after update/rename 
Closes #37320

Signed-off-by: Giorgos Malliaris <georgemalliaris8@gmail.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
 2025-03-10 12:32:37 +01:00
Pedro Ruivo
5efb7cf76e Make JGroups with TLS startup more robust 
Fixes #37887

Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
 2025-03-07 08:21:53 +01:00
Olivier Boudet
55afebec15 Fix imports 
Signed-off-by: Olivier Boudet <o.boudet@gmail.com>
 2025-03-06 16:32:51 -03:00
Olivier Boudet
72b5af088c Update model/jpa/src/main/java/org/keycloak/organization/jpa/JpaOrganizationProvider.java 
Co-authored-by: Stefan Guilhen <sguilhen@redhat.com>
Signed-off-by: Olivier Boudet <o.boudet@gmail.com>
 2025-03-06 16:32:51 -03:00
Olivier Boudet
017d8e107e feat: resolve organization for federated users #36941 
Signed-off-by: Olivier Boudet <o.boudet@gmail.com>
 2025-03-06 16:32:51 -03:00
Pedro Ruivo
071e97f42f Fixed the annotation processor path for JDK 22+ (#37819) 
Fixes #37816

Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
 2025-03-04 15:58:31 +01:00
Alexander Schwartz
bc7ec1208e Enable the TLS based JGroups encryption by default and update the docs 
Closes #37696

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2025-03-03 10:50:51 -03:00
Alexander Schwartz
a0de3c26d7 Allow a token to be revoked twice 
Closes #37621

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2025-03-03 10:49:41 -03:00
Pedro Ruivo
f7e21af82e JGroups certificate rotation 
Closes #37316

Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
Co-authored-by: Alexander Schwartz <aschwart@redhat.com>
 2025-02-27 12:56:18 +01:00
Akbar Husain
9d3cfe0672 Remove X-XSS-Protection header (#36881) 
Closes #21728

Signed-off-by: akbarhusainpatel <apatel@intermiles.com>
 2025-02-19 08:42:26 +01:00
Pedro Ruivo
70e2a28ff9 Create CA certificate for JGroups encryption 
Closes #36750

Signed-off-by: Pedro Ruivo <pruivo@redhat.com>
Signed-off-by: Pedro Ruivo <pruivo@users.noreply.github.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>
 2025-02-13 10:32:43 +00:00
Martin Bartoš
fe40730aed Invalid migration export for empty database 
Fixes #32535

Signed-off-by: Martin Bartoš <mabartos@redhat.com>
 2025-02-11 09:24:53 +01:00
Pedro Igor
4b2d5ed472 Minor fixes, test coverage, and allow deleting local users 
Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-02-07 10:42:45 -03:00
Christian Janker
87db882a89 Do not remove users in LDAP when queries return an empty result 
closes #34764

Signed-off-by: Christian Janker <christian.janker@gmx.at>
 2025-02-07 10:42:45 -03:00
Stefan Guilhen
0fc0dcd119 Ensure IDPs returned from infinispan provider are ordered by alias 
Closes #33243

Signed-off-by: Stefan Guilhen <sguilhen@redhat.com>
 2025-02-07 08:53:09 -03:00
Pedro Igor
bf355f83d3 Review how all resource type permissions are evaluated 
Closes #37081

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-02-06 08:43:29 -03:00
Steven Hawkins
f52cc73548 fix: narrow fix for creating single file import without a system prop (#36457) 
closes: #34270

Signed-off-by: Steve Hawkins <shawkins@redhat.com>
 2025-02-05 14:13:53 +00:00
Pedro Igor
1cb7a4736c Slow query when checking if a realm has brokers and brokering is enabled 
Closes #37062

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
Co-authored-by: Alexander Schwartz <alexander.schwartz@gmx.net>
 2025-02-05 13:49:32 +00:00
Pedro Igor
602df06191 Allows querying credential from user storage providers 
Closes #35020

Signed-off-by: Pedro Igor <pigor.craveiro@gmail.com>
 2025-02-05 07:56:05 -03:00
Alexander Schwartz
7bcc2c4b28 Remove redundant information from cache entries 
Closes #37034

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2025-02-04 18:47:53 -03:00
Olivier Boudet
e507eb6175 fix: wrong briefRepresentation behavior on Organization 
Signed-off-by: Olivier Boudet <o.boudet@gmail.com>
 2025-02-04 08:52:35 -03:00
Alexander Schwartz
41e0e3751c Changes picking up pruivo's suggestions 
Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2025-02-03 18:12:41 -03:00
Alexander Schwartz
1cf51a700c Also cache client roles if looked up by name and not found 
Closes #36919

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2025-02-03 18:12:41 -03:00
Alexander Schwartz
d9fe2dcc48 Cache empty results for role-by-name lookup 
Closes #36919

Signed-off-by: Alexander Schwartz <aschwart@redhat.com>
 2025-02-03 18:12:41 -03:00